Executive Summary
Summary | |
---|---|
Title | Oracle JRE/JDK: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201401-30 | First vendor Publication | 2014-01-27 |
Vendor | Gentoo | Last vendor Modification | 2014-01-27 |
Severity (Vendor) | High | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Background Description Impact Workaround Resolution All Oracle JRE 1.7 users should upgrade to the latest version: All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version: All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically. References Availability http://security.gentoo.org/glsa/glsa-201401-30.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201401-30.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
22 % | CWE-264 | Permissions, Privileges, and Access Controls |
22 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
11 % | CWE-310 | Cryptographic Issues |
11 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13976 | |||
Oval ID: | oval:org.mitre.oval:def:13976 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0505 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14082 | |||
Oval ID: | oval:org.mitre.oval:def:14082 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to CORBA. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to CORBA. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0506 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14772 | |||
Oval ID: | oval:org.mitre.oval:def:14772 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0497 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14813 | |||
Oval ID: | oval:org.mitre.oval:def:14813 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0503 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14844 | |||
Oval ID: | oval:org.mitre.oval:def:14844 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0500 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14878 | |||
Oval ID: | oval:org.mitre.oval:def:14878 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0499 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14890 | |||
Oval ID: | oval:org.mitre.oval:def:14890 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install and the Java Update mechanism. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install and the Java Update mechanism. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0504 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14900 | |||
Oval ID: | oval:org.mitre.oval:def:14900 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and availability, related to AWT. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and availability, related to AWT. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0502 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14942 | |||
Oval ID: | oval:org.mitre.oval:def:14942 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3563 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15069 | |||
Oval ID: | oval:org.mitre.oval:def:15069 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0501 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15075 | |||
Oval ID: | oval:org.mitre.oval:def:15075 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0498 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15259 | |||
Oval ID: | oval:org.mitre.oval:def:15259 | ||
Title: | DSA-2420-1 openjdk-6 -- several | ||
Description: | Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform. CVE-2011-3377 The Iced Tea browser plugin included in the openjdk-6 package does not properly enforce the Same Origin Policy on web content served under a domain name which has a common suffix with the required domain name. CVE-2011-3563 The Java Sound component did not properly check for array boundaries. A malicious input or an untrusted Java application or applet could use this flaw to cause Java Virtual Machine to crash or disclose portion of its memory. CVE-2011-5035 The OpenJDK embedded web server did not guard against an excessive number of a request parameters, leading to a denial of service vulnerability involving hash collisions. CVE-2012-0497 It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. This could lead to JVM crash or Java sandbox bypass. CVE-2012-0501 The ZIP central directory parser used by java.util.zip.ZipFile entered an infinite recursion in native code when processing a crafted ZIP file, leading to a denial of service. CVE-2012-0502 A flaw was found in the AWT KeyboardFocusManager class that could allow untrusted Java applets to acquire keyboard focus and possibly steal sensitive information. CVE-2012-0503 The java.util.TimeZone.setDefault method lacked a security manager invocation, allowing an untrusted Java application or applet to set a new default time zone. CVE-2012-0505 The Java serialization code leaked references to serialization exceptions, possibly leaking critical objects to untrusted code in Java applets and applications. CVE-2012-0506 It was discovered that CORBA implementation in Java did not properly protect repository identifiers on certain Corba objects. This could have been used to perform modification of the data that should have been immutable. CVE-2012-0507 The AtomicReferenceArray class implementation did not properly check if the array is of an expected Object[] type. A malicious Java application or applet could use this flaw to cause Java Virtual Machine to crash or bypass Java sandbox restrictions | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2420-1 CVE-2011-3377 CVE-2011-3563 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openjdk-6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15473 | |||
Oval ID: | oval:org.mitre.oval:def:15473 | ||
Title: | USN-1373-2 -- OpenJDK 6 (ARM) vulnerabilities | ||
Description: | openjdk-6b18: Open Source Java implementation Details: USN 1373-1 fixed vulnerabilities in OpenJDK 6 in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04 for all architectures except for ARM . This provides the corresponding OpenJDK 6 update for use with the ARM architecture in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Original advisory Multiple vulnerabilities in OpenJDK 6 for the ARM architecture have been fixed. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1373-2 CVE-2011-5035 CVE-2011-3563 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | OpenJDK |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15708 | |||
Oval ID: | oval:org.mitre.oval:def:15708 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before and JavaFX 2.2.7 and before. Very difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageReader state corruption" when using native code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2430 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15728 | |||
Oval ID: | oval:org.mitre.oval:def:15728 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via unspecified vectors related to JavaFX, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0402 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15923 | |||
Oval ID: | oval:org.mitre.oval:def:15923 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Security) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect availability via unknown vectors related to Security. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect availability via unknown vectors related to Security. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1718 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15996 | |||
Oval ID: | oval:org.mitre.oval:def:15996 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: CORBA) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to CORBA. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to CORBA. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1711 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16011 | |||
Oval ID: | oval:org.mitre.oval:def:16011 | ||
Title: | Vulnerability in the Java Runtime Environment component of Oracle Java SE (subcomponent: JAX-WS) 7 Update 17 and before. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java Runtime Environment accessible data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "processing of MTOM attachments" and the creation of temporary files with weak permissions. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2415 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16043 | |||
Oval ID: | oval:org.mitre.oval:def:16043 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5081 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16055 | |||
Oval ID: | oval:org.mitre.oval:def:16055 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5067 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16074 | |||
Oval ID: | oval:org.mitre.oval:def:16074 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1473 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16093 | |||
Oval ID: | oval:org.mitre.oval:def:16093 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5070 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16147 | |||
Oval ID: | oval:org.mitre.oval:def:16147 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java Runtime Environment accessible data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1564 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16162 | |||
Oval ID: | oval:org.mitre.oval:def:16162 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before and JavaFX 2.2.7 and before. Very difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CVE-2013-1491. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2394 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16168 | |||
Oval ID: | oval:org.mitre.oval:def:16168 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Swing) 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1716 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16201 | |||
Oval ID: | oval:org.mitre.oval:def:16201 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2434 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16213 | |||
Oval ID: | oval:org.mitre.oval:def:16213 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2440. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2435 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16214 | |||
Oval ID: | oval:org.mitre.oval:def:16214 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1722 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16227 | |||
Oval ID: | oval:org.mitre.oval:def:16227 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5071 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16247 | |||
Oval ID: | oval:org.mitre.oval:def:16247 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0419 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16258 | |||
Oval ID: | oval:org.mitre.oval:def:16258 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect MethodHandle lookups, which allows remote attackers to bypass Java sandbox restrictions. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2421 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16259 | |||
Oval ID: | oval:org.mitre.oval:def:16259 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Hotspot) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1723 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16264 | |||
Oval ID: | oval:org.mitre.oval:def:16264 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 through Update 11 allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0448 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16287 | |||
Oval ID: | oval:org.mitre.oval:def:16287 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-3342 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16297 | |||
Oval ID: | oval:org.mitre.oval:def:16297 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data. | ||
Description: | The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0401 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16311 | |||
Oval ID: | oval:org.mitre.oval:def:16311 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via vectors related to CORBA. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly enforce access restrictions for CORBA output streams. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2446 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16312 | |||
Oval ID: | oval:org.mitre.oval:def:16312 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: CORBA) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1719 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16314 | |||
Oval ID: | oval:org.mitre.oval:def:16314 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java Runtime Environment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient class access checks" when "creating new instances" using MBeanInstantiator. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2424 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16333 | |||
Oval ID: | oval:org.mitre.oval:def:16333 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2433. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1540 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16353 | |||
Oval ID: | oval:org.mitre.oval:def:16353 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0446 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16358 | |||
Oval ID: | oval:org.mitre.oval:def:16358 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1721 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16384 | |||
Oval ID: | oval:org.mitre.oval:def:16384 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to an interaction error in between the JRE plug-in for WebKit-based browsers and the Javascript engine, which allows remote attackers to execute arbitrary code by modifying DOM nodes that contain applet elements in a way that triggers an incorrect reference count and a use after free. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1541 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16387 | |||
Oval ID: | oval:org.mitre.oval:def:16387 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5086 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16389 | |||
Oval ID: | oval:org.mitre.oval:def:16389 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, and CVE-2013-2473. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2464 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16410 | |||
Oval ID: | oval:org.mitre.oval:def:16410 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2431 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16416 | |||
Oval ID: | oval:org.mitre.oval:def:16416 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2427. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2428 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16430 | |||
Oval ID: | oval:org.mitre.oval:def:16430 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Sound) 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1481 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16444 | |||
Oval ID: | oval:org.mitre.oval:def:16444 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data and ability to cause a partial denial of service (partial DOS) of Java Runtime Environment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2418 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16446 | |||
Oval ID: | oval:org.mitre.oval:def:16446 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java Runtime Environment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to Networking. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an information leak involving InetAddress serialization. CVE has not investigated the apparent discrepancy between vendor reports regarding the impact of this issue. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2417 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16454 | |||
Oval ID: | oval:org.mitre.oval:def:16454 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and 6 Update 43 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2433 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16464 | |||
Oval ID: | oval:org.mitre.oval:def:16464 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2416 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16466 | |||
Oval ID: | oval:org.mitre.oval:def:16466 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5073 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16471 | |||
Oval ID: | oval:org.mitre.oval:def:16471 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2425 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16476 | |||
Oval ID: | oval:org.mitre.oval:def:16476 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0423 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16481 | |||
Oval ID: | oval:org.mitre.oval:def:16481 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java Runtime Environment accessible data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to JavaFX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1561 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16492 | |||
Oval ID: | oval:org.mitre.oval:def:16492 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: 2D) 7 through Update 11 and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0437 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16502 | |||
Oval ID: | oval:org.mitre.oval:def:16502 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: 2D) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1713 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16506 | |||
Oval ID: | oval:org.mitre.oval:def:16506 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5089 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16508 | |||
Oval ID: | oval:org.mitre.oval:def:16508 | ||
Title: | DEPRECATED: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Java Runtime Environment) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1717 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16511 | |||
Oval ID: | oval:org.mitre.oval:def:16511 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James Forshaw during a Pwn2Own competition at CanSecWest 2013. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1488 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16512 | |||
Oval ID: | oval:org.mitre.oval:def:16512 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Scripting) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-3213 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16513 | |||
Oval ID: | oval:org.mitre.oval:def:16513 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Hotspot) 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1725 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16522 | |||
Oval ID: | oval:org.mitre.oval:def:16522 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5072 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16527 | |||
Oval ID: | oval:org.mitre.oval:def:16527 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java Runtime Environment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine before 51.2. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2419 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16530 | |||
Oval ID: | oval:org.mitre.oval:def:16530 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JMX) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0409 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16531 | |||
Oval ID: | oval:org.mitre.oval:def:16531 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JavaFX) 7 through Update 11, 6 through Update 38, and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1479 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16533 | |||
Oval ID: | oval:org.mitre.oval:def:16533 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5068 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16536 | |||
Oval ID: | oval:org.mitre.oval:def:16536 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2428. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2427 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16538 | |||
Oval ID: | oval:org.mitre.oval:def:16538 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-3216 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16540 | |||
Oval ID: | oval:org.mitre.oval:def:16540 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "type checks" and "method handle binding" involving Wrapper.convert. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2436 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16543 | |||
Oval ID: | oval:org.mitre.oval:def:16543 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1558 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16544 | |||
Oval ID: | oval:org.mitre.oval:def:16544 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5083 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16545 | |||
Oval ID: | oval:org.mitre.oval:def:16545 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a missing check for "package access" by the MBeanServer Introspector. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2453 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16546 | |||
Oval ID: | oval:org.mitre.oval:def:16546 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1531 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16549 | |||
Oval ID: | oval:org.mitre.oval:def:16549 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5 Update 41 and earlier can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font layout" in the International Components for Unicode (ICU) Layout Engine before 51.2. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2384 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16553 | |||
Oval ID: | oval:org.mitre.oval:def:16553 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5084 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16556 | |||
Oval ID: | oval:org.mitre.oval:def:16556 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier and 6 Update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier and 6 Update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1532 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16560 | |||
Oval ID: | oval:org.mitre.oval:def:16560 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5087 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16561 | |||
Oval ID: | oval:org.mitre.oval:def:16561 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2422 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16564 | |||
Oval ID: | oval:org.mitre.oval:def:16564 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5 Update 41 and earlier can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2383 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16578 | |||
Oval ID: | oval:org.mitre.oval:def:16578 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform "dynamic class downloading" and execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1537 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16580 | |||
Oval ID: | oval:org.mitre.oval:def:16580 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network address handling in virtual machine identifiers" and the lack of "unique and unpredictable IDs" in the java.rmi.dgc.VMID class. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2452 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16582 | |||
Oval ID: | oval:org.mitre.oval:def:16582 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0438 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16585 | |||
Oval ID: | oval:org.mitre.oval:def:16585 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5077 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16586 | |||
Oval ID: | oval:org.mitre.oval:def:16586 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2440 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16597 | |||
Oval ID: | oval:org.mitre.oval:def:16597 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before and 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2420 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16600 | |||
Oval ID: | oval:org.mitre.oval:def:16600 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Install) 7 through Update 11 and 6 through Update 38, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process of the client. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process of the client. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0430 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16602 | |||
Oval ID: | oval:org.mitre.oval:def:16602 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5079 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16605 | |||
Oval ID: | oval:org.mitre.oval:def:16605 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5088 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16610 | |||
Oval ID: | oval:org.mitre.oval:def:16610 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0449 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16611 | |||
Oval ID: | oval:org.mitre.oval:def:16611 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2432 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16615 | |||
Oval ID: | oval:org.mitre.oval:def:16615 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-3159 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16617 | |||
Oval ID: | oval:org.mitre.oval:def:16617 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2437 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16618 | |||
Oval ID: | oval:org.mitre.oval:def:16618 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java Runtime Environment accessible data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2438 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16623 | |||
Oval ID: | oval:org.mitre.oval:def:16623 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4416 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16641 | |||
Oval ID: | oval:org.mitre.oval:def:16641 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5076 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16648 | |||
Oval ID: | oval:org.mitre.oval:def:16648 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1533 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16654 | |||
Oval ID: | oval:org.mitre.oval:def:16654 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5085 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16659 | |||
Oval ID: | oval:org.mitre.oval:def:16659 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JAXP) 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1724 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16663 | |||
Oval ID: | oval:org.mitre.oval:def:16663 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via vectors related to 2D, as demonstrated by Joshua Drake during a Pwn2Own competition at CanSecWest 2013. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1491 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16667 | |||
Oval ID: | oval:org.mitre.oval:def:16667 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2427, and CVE-2013-2428. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2414 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16668 | |||
Oval ID: | oval:org.mitre.oval:def:16668 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5074 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16680 | |||
Oval ID: | oval:org.mitre.oval:def:16680 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: AWT) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0445 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16683 | |||
Oval ID: | oval:org.mitre.oval:def:16683 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before.Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect invocation of the defaultReadObject method in the ConcurrentHashMap class, which allows remote attackers to bypass the Java sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2426 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16684 | |||
Oval ID: | oval:org.mitre.oval:def:16684 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5075 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16685 | |||
Oval ID: | oval:org.mitre.oval:def:16685 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5069 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16686 | |||
Oval ID: | oval:org.mitre.oval:def:16686 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-3143 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16688 | |||
Oval ID: | oval:org.mitre.oval:def:16688 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions" in the LogStream.setDefaultStream method. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1557 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16697 | |||
Oval ID: | oval:org.mitre.oval:def:16697 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5 Update 41 and earlier can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data as well as read access to a subset of Java Runtime Environment accessible data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1569 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16699 | |||
Oval ID: | oval:org.mitre.oval:def:16699 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1726 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16700 | |||
Oval ID: | oval:org.mitre.oval:def:16700 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from the original researcher that this vulnerability allows remote attackers to bypass permission checks by the MethodHandles method and modify arbitrary public final fields using reflection and type confusion, as demonstrated using integer and double fields to disable the security manager. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2423 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16702 | |||
Oval ID: | oval:org.mitre.oval:def:16702 | ||
Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before, 6 Update 43 and before, 5.0 Update 41 and before. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1518 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16703 | |||
Oval ID: | oval:org.mitre.oval:def:16703 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Deployment) 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0351 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16712 | |||
Oval ID: | oval:org.mitre.oval:def:16712 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2472 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16770 | |||
Oval ID: | oval:org.mitre.oval:def:16770 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Networking. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to obtain a socket's local address via vectors involving inconsistencies between Socket.getLocalAddress and InetAddress.getLocalHost. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2447 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16803 | |||
Oval ID: | oval:org.mitre.oval:def:16803 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2466 and CVE-2013-2468. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2442 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16806 | |||
Oval ID: | oval:org.mitre.oval:def:16806 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2470 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16840 | |||
Oval ID: | oval:org.mitre.oval:def:16840 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2471 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16851 | |||
Oval ID: | oval:org.mitre.oval:def:16851 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, 5.0 Update 45 and earlier, and JavaFX 2.2.21 and earlier allows remote attackers to affect availability via vectors related to AWT. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not "properly manage and restrict certain resources related to the processing of fonts," possibly involving temporary files. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2444 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16887 | |||
Oval ID: | oval:org.mitre.oval:def:16887 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2461 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16899 | |||
Oval ID: | oval:org.mitre.oval:def:16899 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-3744. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2400 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16908 | |||
Oval ID: | oval:org.mitre.oval:def:16908 | ||
Title: | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 9.2.4, 10.0.2, 10.3.5, 10.3.6 and 12.1.1. Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server | ||
Description: | Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-5035 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Oracle WebLogic Server |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16982 | |||
Oval ID: | oval:org.mitre.oval:def:16982 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2468. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2466 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17014 | |||
Oval ID: | oval:org.mitre.oval:def:17014 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 5.0 Update 45 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Java installer. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 5.0 Update 45 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Java installer. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2467 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17042 | |||
Oval ID: | oval:org.mitre.oval:def:17042 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image layout verification" in 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2469 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17052 | |||
Oval ID: | oval:org.mitre.oval:def:17052 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2448 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17069 | |||
Oval ID: | oval:org.mitre.oval:def:17069 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via "an error related to method handles." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2458 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17090 | |||
Oval ID: | oval:org.mitre.oval:def:17090 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect availability via unknown vectors related to Hotspot. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "handling of memory allocation errors." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2445 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17098 | |||
Oval ID: | oval:org.mitre.oval:def:17098 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient indication of an SSL connection failure by JConsole, related to RMI connection dialog box. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2412 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17106 | |||
Oval ID: | oval:org.mitre.oval:def:17106 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2465 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17116 | |||
Oval ID: | oval:org.mitre.oval:def:17116 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "insufficient access checks" in the tracing component. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2460 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17149 | |||
Oval ID: | oval:org.mitre.oval:def:17149 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2463 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17176 | |||
Oval ID: | oval:org.mitre.oval:def:17176 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect availability via unknown vectors related to Serialization. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper handling of circular references in ObjectStreamClass. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2450 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17180 | |||
Oval ID: | oval:org.mitre.oval:def:17180 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3744 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17181 | |||
Oval ID: | oval:org.mitre.oval:def:17181 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "integer overflow checks." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2459 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17189 | |||
Oval ID: | oval:org.mitre.oval:def:17189 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2473 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17192 | |||
Oval ID: | oval:org.mitre.oval:def:17192 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to GnomeFileTypeDetector and a missing check for read permissions for a path. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2449 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17195 | |||
Oval ID: | oval:org.mitre.oval:def:17195 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2407 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17202 | |||
Oval ID: | oval:org.mitre.oval:def:17202 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3743 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17206 | |||
Oval ID: | oval:org.mitre.oval:def:17206 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2466. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2468 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17214 | |||
Oval ID: | oval:org.mitre.oval:def:17214 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2452. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect access checks by the (1) getEnclosingClass, (2) getEnclosingMethod, and (3) getEnclosingConstructor methods. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2455 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17215 | |||
Oval ID: | oval:org.mitre.oval:def:17215 | ||
Title: | Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, 5.0 Update 45 and earlier, and JavaFX 2.2.21 and earlier allows remote attackers to affect integrity via unknown vectors related to Javadoc. | ||
Description: | Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1571 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17221 | |||
Oval ID: | oval:org.mitre.oval:def:17221 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality and integrity via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to weak permissions for shared memory. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1500 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17230 | |||
Oval ID: | oval:org.mitre.oval:def:17230 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2452 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect "checking order" within the AccessControlContext class. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2443 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17236 | |||
Oval ID: | oval:org.mitre.oval:def:17236 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allows remote attackers to bypass the Java sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2454 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17256 | |||
Oval ID: | oval:org.mitre.oval:def:17256 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect implementation of "certain class checks" that allows remote attackers to bypass intended class restrictions. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2457 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17257 | |||
Oval ID: | oval:org.mitre.oval:def:17257 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2462 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17265 | |||
Oval ID: | oval:org.mitre.oval:def:17265 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper enforcement of exclusive port binds when running on Windows, which allows attackers to bind to ports that are already in use. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2451 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17294 | |||
Oval ID: | oval:org.mitre.oval:def:17294 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Serialization. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper access checks for subclasses in the ObjectOutputStream class. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-2456 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17565 | |||
Oval ID: | oval:org.mitre.oval:def:17565 | ||
Title: | USN-1505-2 -- icedtea-web regression | ||
Description: | USN 1505-1 introduced a regression in the IcedTea-Web Java web browser plugin that prevented it from working with the Chromium web browser. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1505-2 CVE-2012-1711 CVE-2012-1719 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1723 CVE-2012-1725 CVE-2012-1724 | Version: | 7 |
Platform(s): | Ubuntu 11.10 Ubuntu 11.04 | Product(s): | icedtea-web |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17879 | |||
Oval ID: | oval:org.mitre.oval:def:17879 | ||
Title: | USN-1505-1 -- icedtea-web, openjdk-6 vulnerabilities | ||
Description: | Several security issues were fixed in OpenJDK 6. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1505-1 CVE-2012-1711 CVE-2012-1719 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1723 CVE-2012-1725 CVE-2012-1724 | Version: | 7 |
Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 | Product(s): | openjdk-6 icedtea-web |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18151 | |||
Oval ID: | oval:org.mitre.oval:def:18151 | ||
Title: | USN-1693-1 -- openjdk-7 vulnerabilities | ||
Description: | OpenJDK 7 could be made to crash or run programs as your login if it opened a specially crafted Java applet. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1693-1 CVE-2012-3174 CVE-2013-0422 | Version: | 7 |
Platform(s): | Ubuntu 12.10 | Product(s): | openjdk-7 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18173 | |||
Oval ID: | oval:org.mitre.oval:def:18173 | ||
Title: | DSA-2507-1 openjdk-6 - several | ||
Description: | Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2507-1 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openjdk-6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18219 | |||
Oval ID: | oval:org.mitre.oval:def:18219 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5848 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18236 | |||
Oval ID: | oval:org.mitre.oval:def:18236 | ||
Title: | USN-1907-2 -- icedtea-web update | ||
Description: | IcedTea Web updated to work with new OpenJDK 7. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1907-2 CVE-2013-1500 CVE-2013-2454 CVE-2013-2458 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2446 CVE-2013-2447 CVE-2013-2449 CVE-2013-2452 CVE-2013-2456 CVE-2013-2444 CVE-2013-2445 CVE-2013-2450 CVE-2013-2448 CVE-2013-2451 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-2453 CVE-2013-2455 CVE-2013-2457 | Version: | 7 |
Platform(s): | Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | icedtea-web |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18247 | |||
Oval ID: | oval:org.mitre.oval:def:18247 | ||
Title: | USN-1755-2 -- openjdk-7 vulnerabilities | ||
Description: | OpenJDK could be made to crash or run programs as your login if it opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1755-2 CVE-2013-0809 CVE-2013-1493 | Version: | 7 |
Platform(s): | Ubuntu 12.10 | Product(s): | openjdk-7 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18302 | |||
Oval ID: | oval:org.mitre.oval:def:18302 | ||
Title: | USN-1732-1 -- openssl vulnerabilities | ||
Description: | Several security issues were fixed in OpenSSL. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1732-1 CVE-2012-2686 CVE-2013-0166 CVE-2013-0169 | Version: | 7 |
Platform(s): | Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 8.04 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18436 | |||
Oval ID: | oval:org.mitre.oval:def:18436 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5842 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18458 | |||
Oval ID: | oval:org.mitre.oval:def:18458 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5844 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18501 | |||
Oval ID: | oval:org.mitre.oval:def:18501 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5805. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5806 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18504 | |||
Oval ID: | oval:org.mitre.oval:def:18504 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5809 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18565 | |||
Oval ID: | oval:org.mitre.oval:def:18565 | ||
Title: | DSA-2621-1 openssl - several vulnerabilities | ||
Description: | Multiple vulnerabilities have been found in OpenSSL. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2621-1 CVE-2013-0166 CVE-2013-0169 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18607 | |||
Oval ID: | oval:org.mitre.oval:def:18607 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5788 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18622 | |||
Oval ID: | oval:org.mitre.oval:def:18622 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2407 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18645 | |||
Oval ID: | oval:org.mitre.oval:def:18645 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5782 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18699 | |||
Oval ID: | oval:org.mitre.oval:def:18699 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to obtain a socket's local address via vectors involving inconsistencies between Socket.getLocalAddress and InetAddress.getLocalHost. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2447 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18717 | |||
Oval ID: | oval:org.mitre.oval:def:18717 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to GnomeFileTypeDetector and a missing check for read permissions for a path. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2449 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18733 | |||
Oval ID: | oval:org.mitre.oval:def:18733 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5790 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18761 | |||
Oval ID: | oval:org.mitre.oval:def:18761 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5818 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18783 | |||
Oval ID: | oval:org.mitre.oval:def:18783 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5823 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18869 | |||
Oval ID: | oval:org.mitre.oval:def:18869 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0423 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18874 | |||
Oval ID: | oval:org.mitre.oval:def:18874 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5803 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18894 | |||
Oval ID: | oval:org.mitre.oval:def:18894 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5801 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18904 | |||
Oval ID: | oval:org.mitre.oval:def:18904 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5846 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18905 | |||
Oval ID: | oval:org.mitre.oval:def:18905 | ||
Title: | DSA-2727-1 openjdk-6 - several | ||
Description: | Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2727-1 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2459 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 | Version: | 8 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | openjdk-6 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18943 | |||
Oval ID: | oval:org.mitre.oval:def:18943 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5806. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5805 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18956 | |||
Oval ID: | oval:org.mitre.oval:def:18956 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5797 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18971 | |||
Oval ID: | oval:org.mitre.oval:def:18971 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5849 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18972 | |||
Oval ID: | oval:org.mitre.oval:def:18972 | ||
Title: | Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier | ||
Description: | Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5777 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18983 | |||
Oval ID: | oval:org.mitre.oval:def:18983 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5852 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18990 | |||
Oval ID: | oval:org.mitre.oval:def:18990 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5840 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19002 | |||
Oval ID: | oval:org.mitre.oval:def:19002 | ||
Title: | Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3829 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19016 | |||
Oval ID: | oval:org.mitre.oval:def:19016 | ||
Title: | OpenSSL vulnerability before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d in VisualSVN Server (CVE-2013-0169) | ||
Description: | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0169 | Version: | 6 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | VisualSVN Server |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19018 | |||
Oval ID: | oval:org.mitre.oval:def:19018 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5789 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19019 | |||
Oval ID: | oval:org.mitre.oval:def:19019 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-3744. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2400 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19020 | |||
Oval ID: | oval:org.mitre.oval:def:19020 | ||
Title: | Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5778 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19024 | |||
Oval ID: | oval:org.mitre.oval:def:19024 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5817 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19032 | |||
Oval ID: | oval:org.mitre.oval:def:19032 | ||
Title: | Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5774 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19043 | |||
Oval ID: | oval:org.mitre.oval:def:19043 | ||
Title: | Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5776 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19046 | |||
Oval ID: | oval:org.mitre.oval:def:19046 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5825 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19048 | |||
Oval ID: | oval:org.mitre.oval:def:19048 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0446 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19049 | |||
Oval ID: | oval:org.mitre.oval:def:19049 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5784 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19061 | |||
Oval ID: | oval:org.mitre.oval:def:19061 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5851 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19082 | |||
Oval ID: | oval:org.mitre.oval:def:19082 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5819 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19088 | |||
Oval ID: | oval:org.mitre.oval:def:19088 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5783 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19093 | |||
Oval ID: | oval:org.mitre.oval:def:19093 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JGSS. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5800 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19094 | |||
Oval ID: | oval:org.mitre.oval:def:19094 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5810 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19095 | |||
Oval ID: | oval:org.mitre.oval:def:19095 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5832 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19096 | |||
Oval ID: | oval:org.mitre.oval:def:19096 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5830 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19097 | |||
Oval ID: | oval:org.mitre.oval:def:19097 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0419 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19101 | |||
Oval ID: | oval:org.mitre.oval:def:19101 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5780 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19114 | |||
Oval ID: | oval:org.mitre.oval:def:19114 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0409 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19119 | |||
Oval ID: | oval:org.mitre.oval:def:19119 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-3213 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19122 | |||
Oval ID: | oval:org.mitre.oval:def:19122 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5831 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19123 | |||
Oval ID: | oval:org.mitre.oval:def:19123 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0449 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19129 | |||
Oval ID: | oval:org.mitre.oval:def:19129 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "insufficient access checks" in the tracing component. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2460 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19141 | |||
Oval ID: | oval:org.mitre.oval:def:19141 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u25 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u25 and earlier, and Java SE Embedded 7u25 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5838 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19144 | |||
Oval ID: | oval:org.mitre.oval:def:19144 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5843 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19147 | |||
Oval ID: | oval:org.mitre.oval:def:19147 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5787 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19150 | |||
Oval ID: | oval:org.mitre.oval:def:19150 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5850 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19185 | |||
Oval ID: | oval:org.mitre.oval:def:19185 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5814 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19187 | |||
Oval ID: | oval:org.mitre.oval:def:19187 | ||
Title: | Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5854 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19188 | |||
Oval ID: | oval:org.mitre.oval:def:19188 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5804 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19189 | |||
Oval ID: | oval:org.mitre.oval:def:19189 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5829 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19198 | |||
Oval ID: | oval:org.mitre.oval:def:19198 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-3342 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19206 | |||
Oval ID: | oval:org.mitre.oval:def:19206 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5820 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19207 | |||
Oval ID: | oval:org.mitre.oval:def:19207 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5802 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19208 | |||
Oval ID: | oval:org.mitre.oval:def:19208 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5812 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19212 | |||
Oval ID: | oval:org.mitre.oval:def:19212 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5824 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19216 | |||
Oval ID: | oval:org.mitre.oval:def:19216 | ||
Title: | Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier | ||
Description: | Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5775 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19219 | |||
Oval ID: | oval:org.mitre.oval:def:19219 | ||
Title: | Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier | ||
Description: | Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier allows remote attackers to affect integrity via unknown vectors related to jhat. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5772 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19225 | |||
Oval ID: | oval:org.mitre.oval:def:19225 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly enforce access restrictions for CORBA output streams. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2446 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19237 | |||
Oval ID: | oval:org.mitre.oval:def:19237 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allows remote attackers to bypass the Java sandbox. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2454 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19246 | |||
Oval ID: | oval:org.mitre.oval:def:19246 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1493 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19267 | |||
Oval ID: | oval:org.mitre.oval:def:19267 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper access checks for subclasses in the ObjectOutputStream class. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2456 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19271 | |||
Oval ID: | oval:org.mitre.oval:def:19271 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1473 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19288 | |||
Oval ID: | oval:org.mitre.oval:def:19288 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0438 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19299 | |||
Oval ID: | oval:org.mitre.oval:def:19299 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2452 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect "checking order" within the AccessControlContext class. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2443 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19304 | |||
Oval ID: | oval:org.mitre.oval:def:19304 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0445 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19307 | |||
Oval ID: | oval:org.mitre.oval:def:19307 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not "properly manage and restrict certain resources related to the processing of fonts," possibly involving temporary files. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2444 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19310 | |||
Oval ID: | oval:org.mitre.oval:def:19310 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "integer overflow checks." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2459 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19320 | |||
Oval ID: | oval:org.mitre.oval:def:19320 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0809 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19375 | |||
Oval ID: | oval:org.mitre.oval:def:19375 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient indication of an SSL connection failure by JConsole, related to RMI connection dialog box. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2412 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19378 | |||
Oval ID: | oval:org.mitre.oval:def:19378 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2462 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19388 | |||
Oval ID: | oval:org.mitre.oval:def:19388 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1485 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19390 | |||
Oval ID: | oval:org.mitre.oval:def:19390 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, and CVE-2013-2473. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2464 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19403 | |||
Oval ID: | oval:org.mitre.oval:def:19403 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0437 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19408 | |||
Oval ID: | oval:org.mitre.oval:def:19408 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-5035 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19424 | |||
Oval ID: | oval:org.mitre.oval:def:19424 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0169 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19428 | |||
Oval ID: | oval:org.mitre.oval:def:19428 | ||
Title: | HP-UX Apache Web Server, Remote Denial of Service (DoS) | ||
Description: | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0169 | Version: | 7 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19439 | |||
Oval ID: | oval:org.mitre.oval:def:19439 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0351 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19441 | |||
Oval ID: | oval:org.mitre.oval:def:19441 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2471 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19445 | |||
Oval ID: | oval:org.mitre.oval:def:19445 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and availability, related to AWT. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0502 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19455 | |||
Oval ID: | oval:org.mitre.oval:def:19455 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2465 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19460 | |||
Oval ID: | oval:org.mitre.oval:def:19460 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2466 and CVE-2013-2468. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2442 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19469 | |||
Oval ID: | oval:org.mitre.oval:def:19469 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1486 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19478 | |||
Oval ID: | oval:org.mitre.oval:def:19478 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2466. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2468 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19486 | |||
Oval ID: | oval:org.mitre.oval:def:19486 | ||
Title: | DSA-2722-1 openjdk-7 - several | ||
Description: | Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2722-1 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 | Version: | 5 |
Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | openjdk-7 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19499 | |||
Oval ID: | oval:org.mitre.oval:def:19499 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to an interaction error in between the JRE plug-in for WebKit-based browsers and the Javascript engine, which allows remote attackers to execute arbitrary code by modifying DOM nodes that contain applet elements in a way that triggers an incorrect reference count and a use after free. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-1541 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19508 | |||
Oval ID: | oval:org.mitre.oval:def:19508 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1484 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19511 | |||
Oval ID: | oval:org.mitre.oval:def:19511 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1487 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19512 | |||
Oval ID: | oval:org.mitre.oval:def:19512 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 5.0 Update 45 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Java installer. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2467 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19516 | |||
Oval ID: | oval:org.mitre.oval:def:19516 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "handling of memory allocation errors." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2445 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19517 | |||
Oval ID: | oval:org.mitre.oval:def:19517 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2470 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19518 | |||
Oval ID: | oval:org.mitre.oval:def:19518 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1571 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19524 | |||
Oval ID: | oval:org.mitre.oval:def:19524 | ||
Title: | HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to Networking. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an information leak involving InetAddress serialization. CVE has not investigated the apparent discrepancy between vendor reports regarding the impact of this issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2417 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19527 | |||
Oval ID: | oval:org.mitre.oval:def:19527 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to CORBA. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0506 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19543 | |||
Oval ID: | oval:org.mitre.oval:def:19543 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2472 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19550 | |||
Oval ID: | oval:org.mitre.oval:def:19550 | ||
Title: | HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform "dynamic class downloading" and execute arbitrary code. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-1537 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19551 | |||
Oval ID: | oval:org.mitre.oval:def:19551 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2437 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19552 | |||
Oval ID: | oval:org.mitre.oval:def:19552 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image layout verification" in 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2469 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19557 | |||
Oval ID: | oval:org.mitre.oval:def:19557 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0497 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19560 | |||
Oval ID: | oval:org.mitre.oval:def:19560 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2452. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect access checks by the (1) getEnclosingClass, (2) getEnclosingMethod, and (3) getEnclosingConstructor methods. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2455 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19582 | |||
Oval ID: | oval:org.mitre.oval:def:19582 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2461 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19583 | |||
Oval ID: | oval:org.mitre.oval:def:19583 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0500 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19591 | |||
Oval ID: | oval:org.mitre.oval:def:19591 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-3743 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19599 | |||
Oval ID: | oval:org.mitre.oval:def:19599 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0501 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19608 | |||
Oval ID: | oval:org.mitre.oval:def:19608 | ||
Title: | Multiple OpenSSL vulnerabilities | ||
Description: | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0169 | Version: | 5 |
Platform(s): | IBM AIX 5.3 IBM AIX 6.1 IBM AIX 7.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19611 | |||
Oval ID: | oval:org.mitre.oval:def:19611 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a missing check for "package access" by the MBeanServer Introspector. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2453 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19615 | |||
Oval ID: | oval:org.mitre.oval:def:19615 | ||
Title: | HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities | ||
Description: | Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-4681 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19620 | |||
Oval ID: | oval:org.mitre.oval:def:19620 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2463 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19632 | |||
Oval ID: | oval:org.mitre.oval:def:19632 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2448 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19641 | |||
Oval ID: | oval:org.mitre.oval:def:19641 | ||
Title: | HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0401 | Version: | 12 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19644 | |||
Oval ID: | oval:org.mitre.oval:def:19644 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0503 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19645 | |||
Oval ID: | oval:org.mitre.oval:def:19645 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper handling of circular references in ObjectStreamClass. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2450 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19649 | |||
Oval ID: | oval:org.mitre.oval:def:19649 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2468. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2466 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19652 | |||
Oval ID: | oval:org.mitre.oval:def:19652 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2473 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19665 | |||
Oval ID: | oval:org.mitre.oval:def:19665 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network address handling in virtual machine identifiers" and the lack of "unique and unpredictable IDs" in the java.rmi.dgc.VMID class. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2452 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19684 | |||
Oval ID: | oval:org.mitre.oval:def:19684 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-3744 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19696 | |||
Oval ID: | oval:org.mitre.oval:def:19696 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect implementation of "certain class checks" that allows remote attackers to bypass intended class restrictions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2457 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19709 | |||
Oval ID: | oval:org.mitre.oval:def:19709 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via "an error related to method handles." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-2458 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19800 | |||
Oval ID: | oval:org.mitre.oval:def:19800 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0499 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19808 | |||
Oval ID: | oval:org.mitre.oval:def:19808 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0498 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19813 | |||
Oval ID: | oval:org.mitre.oval:def:19813 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-3563 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19829 | |||
Oval ID: | oval:org.mitre.oval:def:19829 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0505 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19842 | |||
Oval ID: | oval:org.mitre.oval:def:19842 | ||
Title: | HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "toolkit internals references." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0547 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19848 | |||
Oval ID: | oval:org.mitre.oval:def:19848 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0507 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19854 | |||
Oval ID: | oval:org.mitre.oval:def:19854 | ||
Title: | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install and the Java Update mechanism. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0504 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19946 | |||
Oval ID: | oval:org.mitre.oval:def:19946 | ||
Title: | HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-1682 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20185 | |||
Oval ID: | oval:org.mitre.oval:def:20185 | ||
Title: | RHSA-2013:0601: java-1.6.0-sun security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0601-02 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | java-1.6.0-sun |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20333 | |||
Oval ID: | oval:org.mitre.oval:def:20333 | ||
Title: | RHSA-2013:0605: java-1.6.0-openjdk security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0605-02 CESA-2013:0605 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20562 | |||
Oval ID: | oval:org.mitre.oval:def:20562 | ||
Title: | RHSA-2013:0156: java-1.7.0-oracle security update (Critical) | ||
Description: | Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0156-01 CVE-2012-3174 CVE-2013-0422 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | java-1.7.0-oracle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20575 | |||
Oval ID: | oval:org.mitre.oval:def:20575 | ||
Title: | RHSA-2013:0274: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0274-00 CESA-2013:0274 CVE-2013-0169 CVE-2013-1486 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20744 | |||
Oval ID: | oval:org.mitre.oval:def:20744 | ||
Title: | RHSA-2013:0602: java-1.7.0-openjdk security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0602-01 CESA-2013:0602 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20754 | |||
Oval ID: | oval:org.mitre.oval:def:20754 | ||
Title: | RHSA-2012:0322: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0322-01 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 | Version: | 133 |
Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20766 | |||
Oval ID: | oval:org.mitre.oval:def:20766 | ||
Title: | RHSA-2013:0273: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0273-01 CESA-2013:0273 CVE-2013-0169 CVE-2013-1486 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20775 | |||
Oval ID: | oval:org.mitre.oval:def:20775 | ||
Title: | RHSA-2013:0604: java-1.6.0-openjdk security update (Important) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0604-00 CESA-2013:0604 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20778 | |||
Oval ID: | oval:org.mitre.oval:def:20778 | ||
Title: | RHSA-2013:0275: java-1.7.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0275-01 CESA-2013:0275 CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 | Version: | 59 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20786 | |||
Oval ID: | oval:org.mitre.oval:def:20786 | ||
Title: | VMware vSphere, ESX and ESXi updates to third party libraries | ||
Description: | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-0169 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20822 | |||
Oval ID: | oval:org.mitre.oval:def:20822 | ||
Title: | RHSA-2013:0165: java-1.7.0-openjdk security update (Important) | ||
Description: | Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0165-01 CESA-2013:0165 CVE-2012-3174 CVE-2013-0422 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20870 | |||
Oval ID: | oval:org.mitre.oval:def:20870 | ||
Title: | RHSA-2013:0600: java-1.7.0-oracle security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0600-02 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | java-1.7.0-oracle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20875 | |||
Oval ID: | oval:org.mitre.oval:def:20875 | ||
Title: | RHSA-2013:0531: java-1.6.0-sun security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0531-01 CVE-2013-0169 CVE-2013-1486 CVE-2013-1487 | Version: | 45 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | java-1.6.0-sun |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20992 | |||
Oval ID: | oval:org.mitre.oval:def:20992 | ||
Title: | RHSA-2013:0532: java-1.7.0-oracle security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0532-01 CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1487 | Version: | 73 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | java-1.7.0-oracle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21074 | |||
Oval ID: | oval:org.mitre.oval:def:21074 | ||
Title: | RHSA-2013:0751: java-1.7.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "type checks" and "method handle binding" involving Wrapper.convert. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0751-01 CESA-2013:0751 CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436 | Version: | 311 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21079 | |||
Oval ID: | oval:org.mitre.oval:def:21079 | ||
Title: | RHSA-2013:0587: openssl security update (Moderate) | ||
Description: | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0587-01 CESA-2013:0587 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 | Version: | 45 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21135 | |||
Oval ID: | oval:org.mitre.oval:def:21135 | ||
Title: | RHSA-2013:0957: java-1.7.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0957-00 CESA-2013:0957 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 | Version: | 409 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21156 | |||
Oval ID: | oval:org.mitre.oval:def:21156 | ||
Title: | RHSA-2013:0603: java-1.7.0-openjdk security update (Important) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0603-00 CESA-2013:0603 CVE-2013-0809 CVE-2013-1493 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21176 | |||
Oval ID: | oval:org.mitre.oval:def:21176 | ||
Title: | RHSA-2012:0730: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0730-00 CESA-2012:0730 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 | Version: | 120 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21222 | |||
Oval ID: | oval:org.mitre.oval:def:21222 | ||
Title: | RHSA-2013:0958: java-1.7.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0958-00 CESA-2013:0958 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 | Version: | 409 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21284 | |||
Oval ID: | oval:org.mitre.oval:def:21284 | ||
Title: | RHSA-2012:1221: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1221-01 CESA-2012:1221 CVE-2012-0547 CVE-2012-1682 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21309 | |||
Oval ID: | oval:org.mitre.oval:def:21309 | ||
Title: | RHSA-2012:0729: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0729-01 CESA-2012:0729 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 | Version: | 120 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21340 | |||
Oval ID: | oval:org.mitre.oval:def:21340 | ||
Title: | RHSA-2012:0135: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0135-01 CESA-2012:0135 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 | Version: | 133 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21354 | |||
Oval ID: | oval:org.mitre.oval:def:21354 | ||
Title: | RHSA-2012:1223: java-1.7.0-openjdk security update (Important) | ||
Description: | Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1223-01 CESA-2012:1223 CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681 | Version: | 55 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21371 | |||
Oval ID: | oval:org.mitre.oval:def:21371 | ||
Title: | RHSA-2012:1222: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1222-00 CESA-2012:1222 CVE-2012-0547 CVE-2012-1682 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21384 | |||
Oval ID: | oval:org.mitre.oval:def:21384 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Install) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5906. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5905 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21410 | |||
Oval ID: | oval:org.mitre.oval:def:21410 | ||
Title: | RHSA-2012:0139: java-1.6.0-sun security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0139-01 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 | Version: | 159 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | java-1.6.0-sun |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21418 | |||
Oval ID: | oval:org.mitre.oval:def:21418 | ||
Title: | Vulnerability in Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5904 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21422 | |||
Oval ID: | oval:org.mitre.oval:def:21422 | ||
Title: | RHSA-2012:1385: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1385-00 CESA-2012:1385 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 | Version: | 198 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21488 | |||
Oval ID: | oval:org.mitre.oval:def:21488 | ||
Title: | Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0424. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0418 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21517 | |||
Oval ID: | oval:org.mitre.oval:def:21517 | ||
Title: | RHSA-2012:1225: java-1.7.0-oracle security update (Critical) | ||
Description: | Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1225-01 CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681 | Version: | 55 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | java-1.7.0-oracle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21580 | |||
Oval ID: | oval:org.mitre.oval:def:21580 | ||
Title: | RHSA-2012:1009: java-1.7.0-openjdk security and bug fix update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1009-01 CESA-2012:1009 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726 | Version: | 133 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21586 | |||
Oval ID: | oval:org.mitre.oval:def:21586 | ||
Title: | RHSA-2012:1386: java-1.7.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1386-02 CESA-2012:1386 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 | Version: | 263 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21588 | |||
Oval ID: | oval:org.mitre.oval:def:21588 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5776 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21593 | |||
Oval ID: | oval:org.mitre.oval:def:21593 | ||
Title: | RHSA-2012:1384: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1384-01 CESA-2012:1384 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 | Version: | 198 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21607 | |||
Oval ID: | oval:org.mitre.oval:def:21607 | ||
Title: | RHSA-2012:1289: java-1.7.0-ibm security update (Critical) | ||
Description: | Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1289-01 CVE-2012-0547 CVE-2012-0551 CVE-2012-1682 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1725 CVE-2012-1726 CVE-2012-3136 CVE-2012-4681 | Version: | 172 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | java-1.7.0-ibm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21640 | |||
Oval ID: | oval:org.mitre.oval:def:21640 | ||
Title: | RHSA-2014:0026: java-1.7.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0026-00 CESA-2014:0026 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 | Version: | 187 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21653 | |||
Oval ID: | oval:org.mitre.oval:def:21653 | ||
Title: | Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0418. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0424 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21768 | |||
Oval ID: | oval:org.mitre.oval:def:21768 | ||
Title: | Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0403. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0375 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21832 | |||
Oval ID: | oval:org.mitre.oval:def:21832 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5797 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21843 | |||
Oval ID: | oval:org.mitre.oval:def:21843 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5829 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21918 | |||
Oval ID: | oval:org.mitre.oval:def:21918 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-3829 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21962 | |||
Oval ID: | oval:org.mitre.oval:def:21962 | ||
Title: | Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX) | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5870 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21977 | |||
Oval ID: | oval:org.mitre.oval:def:21977 | ||
Title: | Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when running with GNOME, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5888 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21978 | |||
Oval ID: | oval:org.mitre.oval:def:21978 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5783 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21979 | |||
Oval ID: | oval:org.mitre.oval:def:21979 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, JRockit R28.2.9 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Beans) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0423 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21989 | |||
Oval ID: | oval:org.mitre.oval:def:21989 | ||
Title: | Vulnerability in Java SE component of Oracle Java SE 6u65 and Java SE 7u45 (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0410 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21993 | |||
Oval ID: | oval:org.mitre.oval:def:21993 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5817 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22015 | |||
Oval ID: | oval:org.mitre.oval:def:22015 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5809 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22034 | |||
Oval ID: | oval:org.mitre.oval:def:22034 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JavaFX 2.2.45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: 2D) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JavaFX 2.2.45; and Java SE Embedded 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0417 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22046 | |||
Oval ID: | oval:org.mitre.oval:def:22046 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5780 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22049 | |||
Oval ID: | oval:org.mitre.oval:def:22049 | ||
Title: | RHSA-2014:0027: java-1.7.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0027-00 CESA-2014:0027 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 | Version: | 187 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22066 | |||
Oval ID: | oval:org.mitre.oval:def:22066 | ||
Title: | Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5899 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22073 | |||
Oval ID: | oval:org.mitre.oval:def:22073 | ||
Title: | Vulnerability in Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Libraries) | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5893 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22096 | |||
Oval ID: | oval:org.mitre.oval:def:22096 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, JRockit R28.2.9 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JSSE) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0411 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22106 | |||
Oval ID: | oval:org.mitre.oval:def:22106 | ||
Title: | Vulnerability in Java SE 6u65, Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5889 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22118 | |||
Oval ID: | oval:org.mitre.oval:def:22118 | ||
Title: | Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX) | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect availability via unknown vectors related to JavaFX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0382 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22135 | |||
Oval ID: | oval:org.mitre.oval:def:22135 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5848 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22137 | |||
Oval ID: | oval:org.mitre.oval:def:22137 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5814 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22155 | |||
Oval ID: | oval:org.mitre.oval:def:22155 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5843 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22157 | |||
Oval ID: | oval:org.mitre.oval:def:22157 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5775 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22170 | |||
Oval ID: | oval:org.mitre.oval:def:22170 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, JRockit R27.7.7, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: 2D) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5907 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JRockit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22176 | |||
Oval ID: | oval:org.mitre.oval:def:22176 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier allows remote attackers to affect integrity via unknown vectors related to jhat. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5772 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22189 | |||
Oval ID: | oval:org.mitre.oval:def:22189 | ||
Title: | RHSA-2014:0097: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0097-00 CESA-2014:0097 CVE-2013-5878 CVE-2013-5884 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 | Version: | 122 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22192 | |||
Oval ID: | oval:org.mitre.oval:def:22192 | ||
Title: | Vulnerability in Java SE component of Oracle Java SE 6u65 and Java SE 7u45 (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0418, and CVE-2014-0424. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0415 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22200 | |||
Oval ID: | oval:org.mitre.oval:def:22200 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Install) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5906 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22202 | |||
Oval ID: | oval:org.mitre.oval:def:22202 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5778 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22205 | |||
Oval ID: | oval:org.mitre.oval:def:22205 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5805. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5806 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22214 | |||
Oval ID: | oval:org.mitre.oval:def:22214 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JAAS) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0416 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22233 | |||
Oval ID: | oval:org.mitre.oval:def:22233 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: CORBA) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0428 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22237 | |||
Oval ID: | oval:org.mitre.oval:def:22237 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5840 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22239 | |||
Oval ID: | oval:org.mitre.oval:def:22239 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5804 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22241 | |||
Oval ID: | oval:org.mitre.oval:def:22241 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5774 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22245 | |||
Oval ID: | oval:org.mitre.oval:def:22245 | ||
Title: | Vulnerability in Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Security) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5878 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22256 | |||
Oval ID: | oval:org.mitre.oval:def:22256 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5820 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22258 | |||
Oval ID: | oval:org.mitre.oval:def:22258 | ||
Title: | Vulnerability in Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Security) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5910 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22260 | |||
Oval ID: | oval:org.mitre.oval:def:22260 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5842 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22261 | |||
Oval ID: | oval:org.mitre.oval:def:22261 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5801 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22270 | |||
Oval ID: | oval:org.mitre.oval:def:22270 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JAXP) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for "code permissions when creating document builder factories." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0376 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22289 | |||
Oval ID: | oval:org.mitre.oval:def:22289 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: Networking) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0368 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22304 | |||
Oval ID: | oval:org.mitre.oval:def:22304 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Serviceability) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0373 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22311 | |||
Oval ID: | oval:org.mitre.oval:def:22311 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5846 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22317 | |||
Oval ID: | oval:org.mitre.oval:def:22317 | ||
Title: | Vulnerability in Java SE 7u45 and JavaFX 2.2.45 component of Oracle Java SE (subcomponent: JavaFX) | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5895 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22330 | |||
Oval ID: | oval:org.mitre.oval:def:22330 | ||
Title: | Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0375. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0403 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22349 | |||
Oval ID: | oval:org.mitre.oval:def:22349 | ||
Title: | Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5902 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22363 | |||
Oval ID: | oval:org.mitre.oval:def:22363 | ||
Title: | Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-0375 and CVE-2014-0403. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5898 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22366 | |||
Oval ID: | oval:org.mitre.oval:def:22366 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5819 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22372 | |||
Oval ID: | oval:org.mitre.oval:def:22372 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45 and Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: CORBA) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5896 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22377 | |||
Oval ID: | oval:org.mitre.oval:def:22377 | ||
Title: | Vulnerability in Java SE 6u65 and Java SE 7u45 component of Oracle Java SE (subcomponent: Deployment) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-5887 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22386 | |||
Oval ID: | oval:org.mitre.oval:def:22386 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5806. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5805 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22402 | |||
Oval ID: | oval:org.mitre.oval:def:22402 | ||
Title: | Vulnerability in Java SE 5.0u55, Java SE 6u65, Java SE 7u45, Java SE Embedded 7u45 component of Oracle Java SE (subcomponent: JNDI) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0422 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22417 | |||
Oval ID: | oval:org.mitre.oval:def:22417 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5824 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22426 | |||
Oval ID: | oval:org.mitre.oval:def:22426 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5777 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22447 | |||
Oval ID: | oval:org.mitre.oval:def:22447 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5844 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22454 | |||
Oval ID: | oval:org.mitre.oval:def:22454 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5812 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22455 | |||
Oval ID: | oval:org.mitre.oval:def:22455 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u25 and earlier, and Java SE Embedded 7u25 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5838 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22463 | |||
Oval ID: | oval:org.mitre.oval:def:22463 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5790 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22466 | |||
Oval ID: | oval:org.mitre.oval:def:22466 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5802 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22469 | |||
Oval ID: | oval:org.mitre.oval:def:22469 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5784 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22475 | |||
Oval ID: | oval:org.mitre.oval:def:22475 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5825 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22501 | |||
Oval ID: | oval:org.mitre.oval:def:22501 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5832 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22515 | |||
Oval ID: | oval:org.mitre.oval:def:22515 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5831 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22522 | |||
Oval ID: | oval:org.mitre.oval:def:22522 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5852 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22525 | |||
Oval ID: | oval:org.mitre.oval:def:22525 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5818 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22526 | |||
Oval ID: | oval:org.mitre.oval:def:22526 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5789 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22527 | |||
Oval ID: | oval:org.mitre.oval:def:22527 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5849 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22539 | |||
Oval ID: | oval:org.mitre.oval:def:22539 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5803 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22553 | |||
Oval ID: | oval:org.mitre.oval:def:22553 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5787 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22567 | |||
Oval ID: | oval:org.mitre.oval:def:22567 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5782 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22570 | |||
Oval ID: | oval:org.mitre.oval:def:22570 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5850 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22571 | |||
Oval ID: | oval:org.mitre.oval:def:22571 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5830 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22580 | |||
Oval ID: | oval:org.mitre.oval:def:22580 | ||
Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2013-5823 | Version: | 9 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22761 | |||
Oval ID: | oval:org.mitre.oval:def:22761 | ||
Title: | ELSA-2012:1222: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1222-00 CVE-2012-0547 CVE-2012-1682 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23009 | |||
Oval ID: | oval:org.mitre.oval:def:23009 | ||
Title: | ELSA-2013:0603: java-1.7.0-openjdk security update (Important) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0603-00 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23179 | |||
Oval ID: | oval:org.mitre.oval:def:23179 | ||
Title: | ELSA-2013:0602: java-1.7.0-openjdk security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0602-01 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23195 | |||
Oval ID: | oval:org.mitre.oval:def:23195 | ||
Title: | ELSA-2012:0734: java-1.6.0-sun security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0734-02 CVE-2012-0551 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 | Version: | 53 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-sun |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23223 | |||
Oval ID: | oval:org.mitre.oval:def:23223 | ||
Title: | ELSA-2012:1009: java-1.7.0-openjdk security and bug fix update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1009-01 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726 | Version: | 45 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23287 | |||
Oval ID: | oval:org.mitre.oval:def:23287 | ||
Title: | ELSA-2012:0322: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0322-01 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 | Version: | 45 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23296 | |||
Oval ID: | oval:org.mitre.oval:def:23296 | ||
Title: | ELSA-2012:0730: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0730-00 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 | Version: | 41 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23321 | |||
Oval ID: | oval:org.mitre.oval:def:23321 | ||
Title: | ELSA-2013:0274: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0274-00 CVE-2013-0169 CVE-2013-1486 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23323 | |||
Oval ID: | oval:org.mitre.oval:def:23323 | ||
Title: | ELSA-2012:0514: java-1.6.0-ibm security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0514-03 CVE-2011-3563 CVE-2011-5035 CVE-2012-0497 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 | Version: | 53 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-ibm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23377 | |||
Oval ID: | oval:org.mitre.oval:def:23377 | ||
Title: | ELSA-2013:0958: java-1.7.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0958-00 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 | Version: | 121 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23436 | |||
Oval ID: | oval:org.mitre.oval:def:23436 | ||
Title: | ELSA-2013:0604: java-1.6.0-openjdk security update (Important) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0604-00 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23455 | |||
Oval ID: | oval:org.mitre.oval:def:23455 | ||
Title: | DEPRECATED: ELSA-2013:0165: java-1.7.0-openjdk security update (Important) | ||
Description: | Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0165-01 CVE-2012-3174 CVE-2013-0422 | Version: | 14 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23480 | |||
Oval ID: | oval:org.mitre.oval:def:23480 | ||
Title: | ELSA-2014:0027: java-1.7.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0027-00 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 | Version: | 61 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23484 | |||
Oval ID: | oval:org.mitre.oval:def:23484 | ||
Title: | ELSA-2013:0532: java-1.7.0-oracle security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0532-01 CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1487 | Version: | 25 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-oracle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23489 | |||
Oval ID: | oval:org.mitre.oval:def:23489 | ||
Title: | DEPRECATED: ELSA-2013:0587: openssl security update (Moderate) | ||
Description: | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0587-01 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 | Version: | 18 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23559 | |||
Oval ID: | oval:org.mitre.oval:def:23559 | ||
Title: | ELSA-2013:0165: java-1.7.0-openjdk security update (Important) | ||
Description: | Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0165-01 CVE-2012-3174 CVE-2013-0422 | Version: | 13 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23612 | |||
Oval ID: | oval:org.mitre.oval:def:23612 | ||
Title: | ELSA-2012:0729: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0729-01 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 | Version: | 41 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23638 | |||
Oval ID: | oval:org.mitre.oval:def:23638 | ||
Title: | ELSA-2012:0139: java-1.6.0-sun security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0139-01 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 | Version: | 53 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-sun |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23720 | |||
Oval ID: | oval:org.mitre.oval:def:23720 | ||
Title: | ELSA-2012:0135: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0135-01 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 | Version: | 45 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23749 | |||
Oval ID: | oval:org.mitre.oval:def:23749 | ||
Title: | ELSA-2012:0508: java-1.5.0-ibm security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0508-03 CVE-2011-3389 CVE-2011-3557 CVE-2011-3560 CVE-2011-3563 CVE-2012-0498 CVE-2012-0499 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 | Version: | 53 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.5.0-ibm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23797 | |||
Oval ID: | oval:org.mitre.oval:def:23797 | ||
Title: | ELSA-2012:1289: java-1.7.0-ibm security update (Critical) | ||
Description: | Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1289-01 CVE-2012-0547 CVE-2012-0551 CVE-2012-1682 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1725 CVE-2012-1726 CVE-2012-3136 CVE-2012-4681 | Version: | 57 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-ibm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23803 | |||
Oval ID: | oval:org.mitre.oval:def:23803 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1485 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23805 | |||
Oval ID: | oval:org.mitre.oval:def:23805 | ||
Title: | ELSA-2012:1221: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1221-01 CVE-2012-0547 CVE-2012-1682 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23824 | |||
Oval ID: | oval:org.mitre.oval:def:23824 | ||
Title: | ELSA-2012:1245: java-1.5.0-ibm security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1245-01 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1725 | Version: | 29 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.5.0-ibm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23877 | |||
Oval ID: | oval:org.mitre.oval:def:23877 | ||
Title: | ELSA-2013:0156: java-1.7.0-oracle security update (Critical) | ||
Description: | Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0156-01 CVE-2012-3174 CVE-2013-0422 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-oracle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23883 | |||
Oval ID: | oval:org.mitre.oval:def:23883 | ||
Title: | ELSA-2014:0026: java-1.7.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0026-00 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 | Version: | 61 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23887 | |||
Oval ID: | oval:org.mitre.oval:def:23887 | ||
Title: | ELSA-2013:0957: java-1.7.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0957-00 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 | Version: | 121 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23891 | |||
Oval ID: | oval:org.mitre.oval:def:23891 | ||
Title: | ELSA-2013:0273: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0273-01 CVE-2013-0169 CVE-2013-1486 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23909 | |||
Oval ID: | oval:org.mitre.oval:def:23909 | ||
Title: | ELSA-2013:0587: openssl security update (Moderate) | ||
Description: | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0587-01 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 | Version: | 17 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23913 | |||
Oval ID: | oval:org.mitre.oval:def:23913 | ||
Title: | ELSA-2013:0531: java-1.6.0-sun security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0531-01 CVE-2013-0169 CVE-2013-1486 CVE-2013-1487 | Version: | 17 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-sun |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23953 | |||
Oval ID: | oval:org.mitre.oval:def:23953 | ||
Title: | ELSA-2012:1223: java-1.7.0-openjdk security update (Important) | ||
Description: | Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1223-01 CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681 | Version: | 21 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23960 | |||
Oval ID: | oval:org.mitre.oval:def:23960 | ||
Title: | ELSA-2012:1225: java-1.7.0-oracle security update (Critical) | ||
Description: | Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1225-01 CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681 | Version: | 21 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-oracle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23975 | |||
Oval ID: | oval:org.mitre.oval:def:23975 | ||
Title: | ELSA-2013:0601: java-1.6.0-sun security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0601-02 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-sun |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24006 | |||
Oval ID: | oval:org.mitre.oval:def:24006 | ||
Title: | ELSA-2013:0751: java-1.7.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "type checks" and "method handle binding" involving Wrapper.convert. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0751-01 CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436 | Version: | 93 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24070 | |||
Oval ID: | oval:org.mitre.oval:def:24070 | ||
Title: | ELSA-2013:0605: java-1.6.0-openjdk security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0605-02 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24072 | |||
Oval ID: | oval:org.mitre.oval:def:24072 | ||
Title: | ELSA-2013:0600: java-1.7.0-oracle security update (Critical) | ||
Description: | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0600-02 CVE-2013-0809 CVE-2013-1493 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-oracle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24141 | |||
Oval ID: | oval:org.mitre.oval:def:24141 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1486 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24188 | |||
Oval ID: | oval:org.mitre.oval:def:24188 | ||
Title: | ELSA-2014:0136: java-1.5.0-ibm security update (Important) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014:0136-00 CVE-2013-5907 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0417 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 | Version: | 45 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.5.0-ibm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24250 | |||
Oval ID: | oval:org.mitre.oval:def:24250 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1484 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24269 | |||
Oval ID: | oval:org.mitre.oval:def:24269 | ||
Title: | Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0387 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24405 | |||
Oval ID: | oval:org.mitre.oval:def:24405 | ||
Title: | Vulnerability in the TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products | ||
Description: | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0169 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24406 | |||
Oval ID: | oval:org.mitre.oval:def:24406 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment | ||
Description: | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1487 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24938 | |||
Oval ID: | oval:org.mitre.oval:def:24938 | ||
Title: | OpenSSL vulnerability before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d, allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks | ||
Description: | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0169 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | OpenSSL |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25042 | |||
Oval ID: | oval:org.mitre.oval:def:25042 | ||
Title: | SUSE-SU-2013:1808-1 -- Security update for OpenJDK 1.6 | ||
Description: | OpenJDK 1.6 was updated to the new Icedtea release 1.12.7, which includes many fixes for bugs and security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1808-1 CVE-2013-3829 CVE-2013-5780 CVE-2013-5772 CVE-2013-5814 CVE-2013-5790 CVE-2013-5849 CVE-2013-5802 CVE-2013-5851 CVE-2013-5809 CVE-2013-5817 CVE-2013-5783 CVE-2013-5782 CVE-2013-5778 CVE-2013-5803 CVE-2013-5840 CVE-2013-5825 CVE-2013-5842 CVE-2013-5774 CVE-2013-5804 CVE-2013-5797 CVE-2013-5850 CVE-2013-5829 CVE-2013-5830 CVE-2013-4002 CVE-2013-5784 CVE-2013-5820 CVE-2013-5823 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | OpenJDK 1.6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25326 | |||
Oval ID: | oval:org.mitre.oval:def:25326 | ||
Title: | SUSE-SU-2014:0246-1 -- Security update for IBM Java | ||
Description: | This update contains the Oracle January 14 2014 CPU for java-1_7_0-ibm. Find more information at: http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_Ja nuary_14_2014_CPU <http://www.ibm.com/developerworks/java/jdk/alerts/#Oracle_J anuary_14_2014_CPU> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0246-1 CVE-2014-0428 CVE-2014-0422 CVE-2013-5907 CVE-2014-0415 CVE-2014-0410 CVE-2013-5889 CVE-2014-0417 CVE-2014-0387 CVE-2014-0424 CVE-2013-5878 CVE-2014-0373 CVE-2014-0375 CVE-2014-0403 CVE-2014-0423 CVE-2014-0376 CVE-2013-5910 CVE-2013-5884 CVE-2013-5896 CVE-2013-5899 CVE-2014-0416 CVE-2013-5887 CVE-2014-0368 CVE-2013-5888 CVE-2013-5898 CVE-2014-0411 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | IBM Java |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25455 | |||
Oval ID: | oval:org.mitre.oval:def:25455 | ||
Title: | SUSE-SU-2014:0215-1 -- Security update for openjdk | ||
Description: | This openjdk update fixes several security issues. For a complete list of fixed vulnerabilities and their description please refer to: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-J anuary/025800.html <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014- January/025800.html> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:0215-1 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | openjdk |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25669 | |||
Oval ID: | oval:org.mitre.oval:def:25669 | ||
Title: | SUSE-SU-2013:0871-2 -- Security update for IBM Java | ||
Description: | IBM Java 1.7.0 has been updated to SR4-FP2 which fixes bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0871-2 CVE-2013-2422 CVE-2013-1491 CVE-2013-2435 CVE-2013-2420 CVE-2013-2432 CVE-2013-1569 CVE-2013-2384 CVE-2013-2383 CVE-2013-1557 CVE-2013-1537 CVE-2013-2440 CVE-2013-2429 CVE-2013-2430 CVE-2013-1563 CVE-2013-2394 CVE-2013-0401 CVE-2013-2424 CVE-2013-2419 CVE-2013-2417 CVE-2013-2418 CVE-2013-1540 CVE-2013-2433 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | IBM Java |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25719 | |||
Oval ID: | oval:org.mitre.oval:def:25719 | ||
Title: | SUSE-SU-2013:1666-1 -- Security update for OpenJDK 7 | ||
Description: | This release updates our OpenJDK 7 support in the 2.4.x series with a number of security fixes and synchronises it with upstream development. The security issues fixed (a long list) can be found in the following link: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-O ctober/025087.html <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013- October/025087.html> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1666-1 CVE-2013-3829 CVE-2013-5780 CVE-2013-5772 CVE-2013-5814 CVE-2013-5790 CVE-2013-5849 CVE-2013-5802 CVE-2013-5851 CVE-2013-5809 CVE-2013-5817 CVE-2013-5783 CVE-2013-5782 CVE-2013-5778 CVE-2013-5803 CVE-2013-5840 CVE-2013-5825 CVE-2013-5842 CVE-2013-5774 CVE-2013-5804 CVE-2013-5797 CVE-2013-5850 CVE-2013-5829 CVE-2013-5830 CVE-2013-4002 CVE-2013-5784 CVE-2013-5820 CVE-2013-5805 CVE-2013-5806 CVE-2013-5823 CVE-2013-5800 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | OpenJDK 7 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25782 | |||
Oval ID: | oval:org.mitre.oval:def:25782 | ||
Title: | SUSE-SU-2013:1254-1 -- Security update for java-1_7_0-openjdk | ||
Description: | This update to icedtea-2.4.1 fixes various security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1254-1 CVE-2013-2407 CVE-2013-2445 CVE-2013-2451 CVE-2013-2450 CVE-2013-2446 CVE-2013-2452 CVE-2013-1500 CVE-2013-2444 CVE-2013-2447 CVE-2013-2443 CVE-2013-2412 CVE-2013-2449 CVE-2013-2448 CVE-2013-2455 CVE-2013-2457 CVE-2013-2453 CVE-2013-2456 CVE-2013-2459 CVE-2013-2458 CVE-2013-2454 CVE-2013-2460 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-1571 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2461 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | java-1_7_0-openjdk |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25783 | |||
Oval ID: | oval:org.mitre.oval:def:25783 | ||
Title: | SUSE-SU-2013:1293-2 -- Security update for IBM Java 1.4.2 | ||
Description: | IBM Java 1.4.2 has been updated to SR13-FP18 to fix bugs and security issues: CVE-2013-3009, CVE-2013-3011, CVE-2013-3012, CVE-2013-2469, CVE-2013-2465, CVE-2013-2464, CVE-2013-2463, CVE-2013-2473, CVE-2013-2472, CVE-2013-2471, CVE-2013-2470, CVE-2013-2459, CVE-2013-2456, CVE-2013-2447, CVE-2013-2452, CVE-2013-2446, CVE-2013-2450, CVE-2013-1500 Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> Also following bug has been fixed: * mark files in jre/bin and bin/ as executable (bnc#823034) | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1293-2 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-2456 CVE-2013-2447 CVE-2013-2452 CVE-2013-2446 CVE-2013-2450 CVE-2013-1500 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 | Product(s): | IBM Java 1.4.2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25791 | |||
Oval ID: | oval:org.mitre.oval:def:25791 | ||
Title: | SUSE-SU-2013:0871-1 -- Security update for IBM Java 1.7.0 | ||
Description: | IBM Java 1.7.0 has been updated to SR4-FP2 which fixes several bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0871-1 CVE-2013-2422 CVE-2013-1491 CVE-2013-2435 CVE-2013-2420 CVE-2013-2432 CVE-2013-1569 CVE-2013-2384 CVE-2013-2383 CVE-2013-1557 CVE-2013-1537 CVE-2013-2440 CVE-2013-2429 CVE-2013-2430 CVE-2013-1563 CVE-2013-2394 CVE-2013-0401 CVE-2013-2424 CVE-2013-2419 CVE-2013-2417 CVE-2013-2418 CVE-2013-1540 CVE-2013-2433 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | IBM Java 1.7.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25811 | |||
Oval ID: | oval:org.mitre.oval:def:25811 | ||
Title: | SUSE-SU-2013:0701-1 -- Security update for java-1_7_0-ibm | ||
Description: | IBM Java 7 was updated to SR4-FP1, fixing bugs and security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0701-1 CVE-2013-0485 CVE-2013-0809 CVE-2013-1493 CVE-2013-0169 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | java-1_7_0-ibm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25834 | |||
Oval ID: | oval:org.mitre.oval:def:25834 | ||
Title: | SUSE-SU-2013:1264-1 -- Security update for java-1_4_2-ibm | ||
Description: | IBM Java 1.4.2 has been updated to SR13-FP18 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> Also the following bug has been fixed: * mark files in jre/bin and bin/ as executable (bnc#823034) | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1264-1 CVE-2013-3009 CVE-2013-3011 CVE-2013-3012 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-2456 CVE-2013-2447 CVE-2013-2452 CVE-2013-2446 CVE-2013-2450 CVE-2013-1500 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 | Product(s): | java-1_4_2-ibm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25853 | |||
Oval ID: | oval:org.mitre.oval:def:25853 | ||
Title: | SUSE-SU-2013:1256-1 -- Security update for java-1_7_0-ibm | ||
Description: | IBM Java 1.7.0 has been updated to SR5 to fix bugs and security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1256-1 CVE-2013-3006 CVE-2013-3007 CVE-2013-3008 CVE-2013-3009 CVE-2013-3010 CVE-2013-3011 CVE-2013-3012 CVE-2013-4002 CVE-2013-2468 CVE-2013-2469 CVE-2013-2465 CVE-2013-2464 CVE-2013-2463 CVE-2013-2473 CVE-2013-2472 CVE-2013-2471 CVE-2013-2470 CVE-2013-2459 CVE-2013-2466 CVE-2013-2462 CVE-2013-2460 CVE-2013-3743 CVE-2013-2448 CVE-2013-2442 CVE-2013-2407 CVE-2013-2454 CVE-2013-2458 CVE-2013-3744 CVE-2013-2400 CVE-2013-2456 CVE-2013-2453 CVE-2013-2457 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | java-1_7_0-ibm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25872 | |||
Oval ID: | oval:org.mitre.oval:def:25872 | ||
Title: | SUSE-SU-2013:0710-1 -- Security update for IBM Java | ||
Description: | IBM Java 1.4.2 has been updated to SR13 FP16 which fixes bugs and security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0710-1 CVE-2013-0485 CVE-2013-0809 CVE-2013-1493 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 | Product(s): | IBM Java |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25883 | |||
Oval ID: | oval:org.mitre.oval:def:25883 | ||
Title: | SUSE-SU-2013:0814-1 -- Security update for java-1_6_0-openjdk | ||
Description: | java-1_6_0-openjdk has been updated to version Icedtea6-1.12.5 which fixes several security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0814-1 CVE-2013-1518 CVE-2013-2417 CVE-2013-2419 CVE-2013-1537 CVE-2013-1557 CVE-2013-2415 CVE-2013-2431 CVE-2013-2383 CVE-2013-2384 CVE-2013-1569 CVE-2013-2424 CVE-2013-2420 CVE-2013-2430 CVE-2013-2429 CVE-2013-2426 CVE-2013-0401 CVE-2013-2421 CVE-2013-1488 CVE-2013-2422 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | java-1_6_0-openjdk |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25894 | |||
Oval ID: | oval:org.mitre.oval:def:25894 | ||
Title: | SUSE-SU-2013:0440-1 -- Security update for Java | ||
Description: | IBM Java 7 was updated to SR4, fixing various critical security issues and bugs. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0440-1 CVE-2013-1487 CVE-2013-1486 CVE-2013-1478 CVE-2013-0445 CVE-2013-1480 CVE-2013-0441 CVE-2013-1476 CVE-2012-1541 CVE-2013-0446 CVE-2012-3342 CVE-2013-0442 CVE-2013-0450 CVE-2013-0425 CVE-2013-0426 CVE-2013-0428 CVE-2012-3213 CVE-2013-0419 CVE-2013-0423 CVE-2013-0351 CVE-2013-0432 CVE-2013-1473 CVE-2013-0435 CVE-2013-0434 CVE-2013-0409 CVE-2013-0427 CVE-2013-0433 CVE-2013-0424 CVE-2013-0440 CVE-2013-0438 CVE-2013-0443 CVE-2013-1484 CVE-2013-1485 CVE-2013-0437 CVE-2013-0444 CVE-2013-0449 CVE-2013-0431 CVE-2013-0422 CVE-2012-3174 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | Java |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25934 | |||
Oval ID: | oval:org.mitre.oval:def:25934 | ||
Title: | SUSE-SU-2013:0434-1 -- Security update for Java | ||
Description: | This release of Icedtea6-1.12.4 fixes the following two issues that allowed a remote attacker to execute arbitrary code remotely by providing crafted images to the affected code. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0434-1 CVE-2013-0809 CVE-2013-1493 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | Java |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25952 | |||
Oval ID: | oval:org.mitre.oval:def:25952 | ||
Title: | SUSE-SU-2013:1238-1 -- Security update for java-1_6_0-openjdk | ||
Description: | java-1_6_0-openjdk has been updated to Icedtea6-1.12.6 version. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1238-1 CVE-2013-2407 CVE-2013-2445 CVE-2013-2451 CVE-2013-2450 CVE-2013-2446 CVE-2013-2452 CVE-2013-1500 CVE-2013-2444 CVE-2013-2447 CVE-2013-2443 CVE-2013-2412 CVE-2013-2448 CVE-2013-2455 CVE-2013-2457 CVE-2013-2453 CVE-2013-2456 CVE-2013-2459 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-1571 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2461 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | java-1_6_0-openjdk |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25988 | |||
Oval ID: | oval:org.mitre.oval:def:25988 | ||
Title: | SUSE-SU-2013:0934-1 -- Security update for Java 1.4.2 | ||
Description: | IBM Java 1.4.2 has been updated to SR13-FP17 fixing bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0934-1 CVE-2013-1491 CVE-2013-2420 CVE-2013-2432 CVE-2013-1569 CVE-2013-2384 CVE-2013-2383 CVE-2013-1557 CVE-2013-1537 CVE-2013-2429 CVE-2013-2430 CVE-2013-2394 CVE-2013-2419 CVE-2013-2417 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 | Product(s): | Java 1.4.2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26214 | |||
Oval ID: | oval:org.mitre.oval:def:26214 | ||
Title: | SUSE-SU-2013:0328-1 -- Security update for Java | ||
Description: | java-1_6_0-openjdk has been updated to IcedTea 1.12.3 (bnc#804654) which contains security and bugfixes: * Security fixes o S8006446: Restrict MBeanServer access (CVE-2013-1486) o S8006777: Improve TLS handling of invalid messages Lucky 13 (CVE-2013-0169) o S8007688: Blacklist known bad certificate (issued by DigiCert) * Backports o S8007393: Possible race condition after JDK-6664509 o S8007611: logging behavior in applet changed * Bug fixes o PR1319: Support GIF lib v5. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0328-1 CVE-2013-1486 CVE-2013-0169 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | Java |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26692 | |||
Oval ID: | oval:org.mitre.oval:def:26692 | ||
Title: | DEPRECATED: ELSA-2013-0604 -- java-1.6.0-openjdk security update (important) | ||
Description: | [ 1:1.6.0.0-1.36.1.11.9.0.1.el5_9] - Add oracle-enterprise.patch [1:1.6.0.0-1.36.1.11.9] - Updated to icedtea6 1.11.9 - Resolves: rhbz#917176 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0604 CVE-2013-1493 CVE-2013-0809 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26825 | |||
Oval ID: | oval:org.mitre.oval:def:26825 | ||
Title: | DEPRECATED: ELSA-2014-0407 -- java-1.7.0-openjdk security update (Important) | ||
Description: | The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2014-0429) Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0455, CVE-2014-0461) Multiple improper permission check issues were discovered in the AWT, JAX-WS, JAXB, Libraries, Security, Sound, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-2402, CVE-2014-0446, CVE-2014-2413, CVE-2014-0454, CVE-2014-2427, CVE-2014-0459) Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460) It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. (CVE-2014-2403) It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453) It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398) An insecure temporary file use flaw was found in the way the unpack200 utility created log files. A local attacker could possibly use this flaw to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running unpack200. (CVE-2014-1876) All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0407 CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2402 CVE-2014-2403 CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2013-5797 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26920 | |||
Oval ID: | oval:org.mitre.oval:def:26920 | ||
Title: | DEPRECATED: ELSA-2014-0408 -- java-1.6.0-openjdk security and bug fix update (Important) | ||
Description: | The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2014-0429) Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0461) Multiple improper permission check issues were discovered in the AWT, JAX-WS, JAXB, Libraries, and Sound components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-0446, CVE-2014-2427) Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460) It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. (CVE-2014-2403) It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453) It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398) An insecure temporary file use flaw was found in the way the unpack200 utility created log files. A local attacker could possibly use this flaw to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running unpack200. (CVE-2014-1876) This update also fixes the following bug: * The OpenJDK update to IcedTea version 1.13 introduced a regression related to the handling of the jdk_version_info variable. This variable was not properly zeroed out before being passed to the Java Virtual Machine, resulting in a memory leak in the java.lang.ref.Finalizer class. This update fixes this issue, and memory leaks no longer occur. (BZ#1085373) All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0408 CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2403 CVE-2014-2412 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2013-5797 | Version: | 4 |
Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26987 | |||
Oval ID: | oval:org.mitre.oval:def:26987 | ||
Title: | DEPRECATED: ELSA-2014-0406 -- java-1.7.0-openjdk security update (Critical) | ||
Description: | The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2014-0429) Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0455, CVE-2014-0461) Multiple improper permission check issues were discovered in the AWT, JAX-WS, JAXB, Libraries, Security, Sound, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-2402, CVE-2014-0446, CVE-2014-2413, CVE-2014-0454, CVE-2014-2427, CVE-2014-0459) Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460) It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. (CVE-2014-2403) It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453) It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398) An insecure temporary file use flaw was found in the way the unpack200 utility created log files. A local attacker could possibly use this flaw to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running unpack200. (CVE-2014-1876) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0406 CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2402 CVE-2014-2403 CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2013-5797 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27040 | |||
Oval ID: | oval:org.mitre.oval:def:27040 | ||
Title: | DEPRECATED: ELSA-2013-1505 -- java-1.6.0-openjdk security update (important) | ||
Description: | [1:1.6.0.0-1.68.1.11.14] - updated to icedtea6-1.11.14.tar.gz - added and applied 1.11.14-fixes.patch, patch10 to fix build issues - adapted patch8 java-1.6.0-openjdk-timezone-id.patch - Resolves: rhbz#1017618 [1:1.6.0.1-1.67.1.13.0] - reverted previous update - Resolves: rhbz#1017618 [1:1.6.0.1-1.66.1.13.0] - updated to icedtea 1.13 - updated to openjdk-6-src-b28-04_oct_2013 - added --disable-lcms2 configure switch to fix tck - removed upstreamed patch7,java-1.6.0-openjdk-jstack.patch - added patch7 1.13_fixes.patch to fix 1.13 build issues - adapted patch0 java-1.6.0-openjdk-optflags.patch - adapted patch3 java-1.6.0-openjdk-java-access-bridge-security.patch - adapted patch8 java-1.6.0-openjdk-timezone-id.patch - removed useless runtests parts - included also java.security.old files - Resolves: rhbz#1017618 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-1505 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27081 | |||
Oval ID: | oval:org.mitre.oval:def:27081 | ||
Title: | DEPRECATED: ELSA-2014-0027 -- java-1.7.0-openjdk security update (important) | ||
Description: | [1.7.0.51-2.4.4.1.0.1.el5_10] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1.7.0.51-2.4.4.1.el5] - updated to security icedtea 2.4.4 - icedtea_version set to 2.4.4 - updatever bumped to 51 - release reset to 1 - build requires: java-devel >= 1:1.6.0 changed java7-devel - Resolves: rhbz#1050192 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0027 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27193 | |||
Oval ID: | oval:org.mitre.oval:def:27193 | ||
Title: | DEPRECATED: ELSA-2013-1447 -- java-1.7.0-openjdk security update (important) | ||
Description: | [1.7.0.45-2.4.3.1.0.1.el5_10] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1.7.0.45-2.4.3.1.el5] - Updated to icedtea 2.4.3 - Resolves: rhbz#1017623 [1.7.0.45-2.4.3.0.el5] - fixed and updated tapset - removed bootstrap - source 11 redeclared to 1111 - added source12: TestCryptoLevel.java - removed upstreamed patch103 java-1.7.0-openjdk-arm-fixes.patch - removed unnecessary patch112 java-1.7.0-openjdk-doNotUseDisabledEcc.patch - added patch120: java-1.7.0-openjdk-freetype-check-fix.patch - fixed nss - cleaned sources - Resolves: rhbz#1017623 [1.7.0.25-2.4.1.4.el5] - updated to icedtea 2.4.1 - improoved handling of patch111 - nss-config-2.patch - backported uniquesuffix from 6.5 - Resolves: rhbz#978421 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-1447 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5838 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27206 | |||
Oval ID: | oval:org.mitre.oval:def:27206 | ||
Title: | DEPRECATED: ELSA-2014-0026 -- java-1.7.0-openjdk security update (critical) | ||
Description: | [1.7.0.51-2.4.4.1.0.1.el6_5] - Update DISTRO_NAME in specfile [1.7.0.51-2.4.4.1.el6] - restored java7 provides - bumped release (builds exists) - Resolves: rhbz#1050935 [1.7.0.51-2.4.4.0.el6] - updated to security icedtea 2.4.4 - icedtea_version set to 2.4.4 - updatever bumped to 51 - release reset to 0 - sync with fedora - added and applied patch411 1029588.patch (rh 1029588) - added aand applied patch410, 1015432 (rh 1015432) - Resolves: rhbz#1050935 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0026 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27291 | |||
Oval ID: | oval:org.mitre.oval:def:27291 | ||
Title: | DEPRECATED: ELSA-2013-0957 -- java-1.7.0-openjdk security update (critical) | ||
Description: | [1.7.0.25-2.3.10.3.0.1.el6_4] - Update DISTRO_NAME in specfile [1.7.0.25-2.3.10.3.el6] - removed upstreamed patch1000 MBeanFix.patch - updated to newer IcedTea7-forest 2.3.10 with 8010118 fix - Resolves: rhbz#973119 [1.7.0.25-2.3.10.2.el6] - added patch1000 MBeanFix.patch to fix regressions caused by security patches - Resolves: rhbz#973119 [1.7.0.25-2.3.10.1.el6] - build bumped to 25 - Resolves: rhbz#973119 [1.7.0.19-2.3.10.0.el6] - Updated to latest IcedTea7-forest 2.3.10 - patch 107 renamed to 500 for cosmetic purposes - improved handling of patch111 - nss-config-2.patch - removed patch 117, java-1.7.0-openjdk-nss-multiplePKCS11libraryInitialisationNnonCritical.patch duplicated with patch 108 (java-1.7.0-openjdk-nss-icedtea-e9c857dcb964) - Added client/server directories so they can be owned - Added fix for RH857717, owned /etc/.java/ and /etc/.java/.systemPrefs - Resolves: rhbz#973119 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0957 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27328 | |||
Oval ID: | oval:org.mitre.oval:def:27328 | ||
Title: | DEPRECATED: ELSA-2013-0274 -- java-1.6.0-openjdk security update (important) | ||
Description: | [ 1:1.6.0.0-1.35.1.11.8.0.1.el5_9] - Add oracle-enterprise.patch [1:1.6.0.0-1.35.1.11.8] - Rebuild with updated source tarball - Resolves: rhbz#911522 [1:1.6.0.0-1.34.1.11.8] - Updated to icedtea6 1.11.8 - Removed patch9 7201064.patch - Removed patch10 8005615.patch - Removed not-applied patch 6664509.patch - Removed mauve as deadly outdated and run on QA - jtreg kept, useless, but valid - Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#911522 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0274 CVE-2013-0169 CVE-2013-1486 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27330 | |||
Oval ID: | oval:org.mitre.oval:def:27330 | ||
Title: | DEPRECATED: ELSA-2012-1009 -- java-1.7.0-openjdk security and bug fix update (important) | ||
Description: | [1.7.0.5-2.2.1.0.1.el6] - Modify DISTRO_NAME for Oracle [1.7.0.5-2.2.1.el6] - Updated priority to be > 17000 and to depend on buildver variable - Variable buildver increased to 5 as it should be - Resolves: rhbz#828759 [1.7.0.3-2.2.1.el6] - Used newly prepared tarball with security fixes - Bump to icedtea7-forest-2.2.1 - _mandir/man1/jcmd-name.1 added to alternatives - Updated rhino.patch - Updated java-1.7.0-openjdk-java-access-bridge-security.patch - Modified partially upstreamed patch302 - systemtap.patch - Temporarly disabled patch102 - java-1.7.0-openjdk-size_t.patch - Removed already upstreamed patches 104,108,109,301,110: - java-1.7.0-openjdk-arm-ftbfs.patch - java-1.7.0-openjdk-system-zlib.patch - java-1.7.0-openjdk-remove-mimpure-opt.patch - systemtap-alloc-size-workaround.patch - java-1.7.0-fix-gio-detection.patch - Access gnome bridge jar forced to be 644 - Added patch303 - java-1.7.0-openjdk-jstack.patch which resolved RH804632 for openjdk6 - Resolves: rhbz#828759 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1009 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27353 | |||
Oval ID: | oval:org.mitre.oval:def:27353 | ||
Title: | DEPRECATED: ELSA-2013-0770 -- java-1.6.0-openjdk security update (important) | ||
Description: | [1:1.6.0.0-1.61.1.11.11] - added and applied (temporally) patch10 fixToFontSecurityFix.patch. - fixing regression in fonts introduced by one security patch. - Resolves: rhbz#950386 [1:1.6.0.0-1.60.1.11.11] - added and applied (temporally) one more patch to xalan/xerces privileges - patch9 jaxp-backport-factoryfinder.patch - will be upstreamed - Resolves: rhbz#950386 [1:1.6.0.0-1.59.1.11.11] - Updated to icedtea6 1.11.11 - fixed xalan/xerxes privledges - removed patch 8 - removingOfAarch64.patch.patch - fixed upstream - Resolves: rhbz#950386 [1:1.6.0.0-1.58.1.11.10] - Updated to icedtea6 1.11.10 - rewritten java-1.6.0-openjdk-java-access-bridge-security.patch - excluded aarch64.patch - by patch 8 - removingOfAarch64.patch.patch - Resolves: rhbz#950386 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0770 CVE-2013-2420 CVE-2013-2422 CVE-2013-2429 CVE-2013-2431 CVE-2013-1537 CVE-2013-2419 CVE-2013-2421 CVE-2013-2424 CVE-2013-2426 CVE-2013-2430 CVE-2013-0401 CVE-2013-1518 CVE-2013-2383 CVE-2013-1488 CVE-2013-1558 CVE-2013-1569 CVE-2013-2417 CVE-2013-1557 CVE-2013-2384 CVE-2013-2415 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27408 | |||
Oval ID: | oval:org.mitre.oval:def:27408 | ||
Title: | DEPRECATED: ELSA-2014-0097 -- java-1.6.0-openjdk security update (important) | ||
Description: | [1:1.6.0.1-3.1.13.0] - updated to icedtea 1.13.1 - http://blog.fuseyism.com/index.php/2014/01/23/security-icedtea-1-12-8-1-13-1-for-openjdk-6-released/ - updated to jdk6, b30, 21_jan_2014 - https://openjdk6.java.net/OpenJDK6-B30-Changes.html - adapted patch7 1.13_fixes.patch - pre 2011 changelog moved to (till now wrong) pre-2009-spec-changelog (rh1043611) - added --disable-system-lcms to configure options to pass build - adapted patch3 java-1.6.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#1050190 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0097 CVE-2013-5878 CVE-2013-5884 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27449 | |||
Oval ID: | oval:org.mitre.oval:def:27449 | ||
Title: | DEPRECATED: ELSA-2013-0165 -- java-1.7.0-openjdk security update (important) | ||
Description: | [1.7.0.9-2.3.4.1.0.1.el6_3] - Update DISTRO_NAME in specfile [1.7.0.9-2.3.4.1.el6] - Rewerted to IcedTea 2.3.4 - rewerted patch105: java-1.7.0-openjdk-disable-system-lcms.patch - removed jxmd and idlj to alternatives - make NOT executed with DISABLE_INTREE_EC=true and UNLIMITED_CRYPTO=true - re-applied patch302 and restored systemtap.patch - buildver set to 9 - icedtea_version set to 2.3.4 - unapplied patch112 java-1.7.openjdk-doNotUseDisabledEcc.patch - restored tmp-patches source tarball - removed /lib/security/US_export_policy.jar and lib/security/local_policy.jar - java-1.7.0-openjdk-java-access-bridge-security.patch's path moved from java.security-linux back to java.security - Resolves: rhbz#895033 [1.7.0.11-2.4.0.1.el6] - Rewritten patch105: java-1.7.0-openjdk-disable-system-lcms.patch - Added jxmd and idlj to alternatives - make executed with DISABLE_INTREE_EC=true and UNLIMITED_CRYPTO=true - Unapplied patch302 and deleted systemtap.patch - buildver increased to 11 - icedtea_version set to 2.4.0 - Added and applied patch112 java-1.7.openjdk-doNotUseDisabledEcc.patch - removed tmp-patches source tarball - Added /lib/security/US_export_policy.jar and lib/security/local_policy.jar - Resolves: rhbz#895033 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0165 CVE-2012-3174 CVE-2013-0422 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27551 | |||
Oval ID: | oval:org.mitre.oval:def:27551 | ||
Title: | DEPRECATED: ELSA-2013-0275 -- java-1.7.0-openjdk security update (important) | ||
Description: | [1.7.0.9-2.3.7.1.0.2.el6_3] - Increase release number and rebuild. [1.7.0.9-2.3.7.1.0.1.el6_3] - Update DISTRO_NAME in specfile [1.7.0.9-2.3.7.1.el6_3] - Updated main source tarball - Resolves: rhbz#911529 [1.7.0.9-2.3.7.0.el6_3] - Removed patch1000 sec-2013-02-01-8005615.patch - Removed patch1001 sec-2013-02-01-8005615-sync_with_jdk7u.patch - Removed patch1010 sec-2013-02-01-7201064.patch - Removed testing - mauve was outdated and - jtreg was icedtea relict - Updated to icedtea 2.3.7 - Added java -Xshare:dump to post (see 513605) fo jitarchs - Resolves: rhbz#911529 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0275 CVE-2013-1485 CVE-2013-1484 CVE-2013-1486 CVE-2013-0169 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27569 | |||
Oval ID: | oval:org.mitre.oval:def:27569 | ||
Title: | DEPRECATED: ELSA-2013-0605 -- java-1.6.0-openjdk security update (critical) | ||
Description: | [1:1.6.0.0-1.57.1.11.9] - Updated to icedtea6 1.11.9 - Resolves: rhbz#917179 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0605 CVE-2013-1493 CVE-2013-0809 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27572 | |||
Oval ID: | oval:org.mitre.oval:def:27572 | ||
Title: | DEPRECATED: ELSA-2013-0603 -- java-1.7.0-openjdk security update (important) | ||
Description: | [1.7.0.9-2.3.8.0.0.1.el5_9] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1.7.0.9-2.3.8.0.el5_9] - Updated to icedtea7-forest-2.3 - Resolves: rhbz#917181 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0603 CVE-2013-0809 CVE-2013-1493 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27578 | |||
Oval ID: | oval:org.mitre.oval:def:27578 | ||
Title: | DEPRECATED: ELSA-2013-0273 -- java-1.6.0-openjdk security update (critical) | ||
Description: | [1:1.6.0.0-1.56.1.11.8] - Rebuild with updated sources - Resolves: rhbz#911524 [1:1.6.0.0-1.55.1.11.8] - Updated to icedtea6 1.11.8 - Removed patch9 7201064.patch - Removed patch10 8005615.patch - Removed not-applied patch 6664509.patch - Removed mauve as deadly outdated and run on QA - jtreg kept, useless, but working - Resolves: rhbz#911524 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0273 CVE-2013-0169 CVE-2013-1486 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27582 | |||
Oval ID: | oval:org.mitre.oval:def:27582 | ||
Title: | DEPRECATED: ELSA-2013-0958 -- java-1.7.0-openjdk security update (important) | ||
Description: | [1.7.0.25-2.3.10.4.0.1.el5_9] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1.7.0.25-2.3.10.4.el5] - updated to newer IcedTea7-forest 2.3.10 with 8010118 fix - removed upstreamed patch1000 MBeanFix.patch - Resolves: rhbz#973117 [1.7.0.25-2.3.10.3.el5] - reverted fix for license files owning - Resolves: rhbz#973117 [1.7.0.25-2.3.10.2.el5] - added patch1000 MBeanFix.patch to fix regressions caused by security patches - Resolves: rhbz#973117 [1.7.0.25-2.3.10.1.el6] - build bumped to 25 - Resolves: rhbz#973117 [1.7.0.19-2.3.10.0.el5] - Updated to latest IcedTea7-forest 2.3.10 - patch 107 renamed to 500 for cosmetic purposes - Added fix for RH857717, owned /etc/.java/ and /etc/.java/.systemPrefs - Resolves: rhbz#973117 [1.7.0.19-2.3.10.0.el5] - Updated to latest IcedTea7-forest 2.3.10 - Resolves: rhbz#973117 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0958 CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27591 | |||
Oval ID: | oval:org.mitre.oval:def:27591 | ||
Title: | DEPRECATED: ELSA-2012-0730 -- java-1.6.0-openjdk security update (important) | ||
Description: | [1.6.0.0-1.27.1.10.8.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.27.1.10.8] - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added also to package.definition - Resolves: rhbz#828749 [1:1.6.0.0-1.26.1.10.8] - Updated to IcedTea6 1.10.8 - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added to patch - Resolves: rhbz#828749 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0730 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27593 | |||
Oval ID: | oval:org.mitre.oval:def:27593 | ||
Title: | DEPRECATED: ELSA-2013-0602 -- java-1.7.0-openjdk security update (critical) | ||
Description: | [1.7.0.9-2.3.8.0.0.1.el6_4] - Update DISTRO_NAME in specfile [1.7.0.9-2.3.8.0el6] - Revert to rhel 6.3 version of spec file - Revert to icedtea7 2.3.8 forest - Resolves: rhbz#917183 [1.7.0.11-2.4.0.pre5.el6] - Update to latest snapshot of icedtea7 2.4 forest - Resolves: rhbz#917183 [1.7.0.9-2.4.0.pre4.3.el6] - Updated to icedtea 2.4.0.pre4, - Rewritten (again) patch3 java-1.7.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#911530 [1.7.0.9-2.4.0.pre3.3.el6] - Updated to icedtea 2.4.0.pre3, updated! - Rewritten patch3 java-1.7.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#911530 [1.7.0.9-2.4.0.pre2.3.el6] - Removed testing - mauve was outdated and - jtreg was icedtea relict - Updated to icedtea 2.4.0.pre2, updated? - Added java -Xshare:dump to post (see 513605) fo jitarchs - Resolves: rhbz#911530 [1.7.0.11-2.4.0.2.el6] - Unapplied but kept (for 2.3revert) patch110, java-1.7.0-openjdk-nss-icedtea-e9c857dcb964.patch - Added and applied patch113: java-1.7.0-openjdk-aes-update_reset.patch - Added and applied patch114: java-1.7.0-openjdk-nss-tck.patch - Added and applied patch115: java-1.7.0-openjdk-nss-split_results.patch - NSS enabled by default - enable_nss set to 1 - rewritten patch109 - java-1.7.0-openjdk-nss-config-1.patch - rewritten patch111 - java-1.7.0-openjdk-nss-config-2.patch - Resolves: rhbz#831734 [1.7.0.11-2.4.0.1.el6] - Rewritten patch105: java-1.7.0-openjdk-disable-system-lcms.patch - Added jxmd and idlj to alternatives - make executed with DISABLE_INTREE_EC=true and UNLIMITED_CRYPTO=true - Unapplied patch302 and deleted systemtap.patch - buildver increased to 11 - icedtea_version set to 2.4.0 - Added and applied patch112 java-1.7.openjdk-doNotUseDisabledEcc.patch - removed tmp-patches source tarball - Added /lib/security/US_export_policy.jar and lib/security/local_policy.jar - Disabled nss - enable_nss set to 0 - Resolves: rhbz#895034 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0602 CVE-2013-0809 CVE-2013-1493 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27605 | |||
Oval ID: | oval:org.mitre.oval:def:27605 | ||
Title: | DEPRECATED: ELSA-2013-0587 -- openssl security update (moderate) | ||
Description: | [1.0.0-27.2] - fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589) - fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052) - enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB environment variable is set (fixes CVE-2012-4929 #857051) - use __secure_getenv() everywhere instead of getenv() (#839735) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0587 CVE-2013-0166 CVE-2012-4929 CVE-2013-0169 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | openssl |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27683 | |||
Oval ID: | oval:org.mitre.oval:def:27683 | ||
Title: | DEPRECATED: ELSA-2012-1223 -- java-1.7.0-openjdk security update (important) | ||
Description: | [1.7.0.5-2.2.1.0.1.el6_3.3] - Modify DISTRO_NAME for Oracle [1.7.0.5-2.2.1.el6.3] - Removed patch 304 java-1.7.0-openjdk-beans-isPackageAccessible.patch - Applied upstream patches for same issue: patch 1001 sec-webrevs-openjdk7-29_aug_2012-7162473.patch patch 1002 sec-webrevs-openjdk7-29_aug_2012-7162476.patch patch 1003 sec-webrevs-openjdk7-29_aug_2012-7163201.patch patch 1004 sec-webrevs-openjdk7-29_aug_2012-7194567.patch patch 1005 sec-webrevs-openjdk7-29_aug_2012-78e01a6ca8d3.patch - Resolves: rhbz#852299 [1.7.0.5-2.2.1.1.el6] - Added patch 304 java-1.7.0-openjdk-beans-isPackageAccessible.patch to fix vulnerability until it is fixed in upstream sources. - Resolves: rhbz#852299 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1223 CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27709 | |||
Oval ID: | oval:org.mitre.oval:def:27709 | ||
Title: | DEPRECATED: ELSA-2012-1386 -- java-1.7.0-openjdk security update (important) | ||
Description: | [1.7.0.9-2.3.3.0.1.el6_3.1] - Update DISTRO_NAME in specfile [1.7.0.9-2.3.3.el6.1] - Changed permissions of sa-jdi.jar to correct 644 - Resolves: rhbz#865050 [1.7.0.9-2.3.3.el6] - Updated to 2.3.3 - Updated java-1.7.0-openjdk-java-access-bridge-security.patch - Resolves rhbz#s 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568 [1.7.0.5-2.3.2.el6.1] - Cleanup before security release - Updated to latest IcedTea7-forest 2.3 - Resolves: rhbz#852299 [1.7.0.5-2.2.1.1.el6.4] - Cleanup before security release - Removed patches: patch 1001 sec-webrevs-openjdk7-29_aug_2012-7162473.patch patch 1002 sec-webrevs-openjdk7-29_aug_2012-7162476.patch patch 1003 sec-webrevs-openjdk7-29_aug_2012-7163201.patch patch 1004 sec-webrevs-openjdk7-29_aug_2012-7194567.patch patch 1005 sec-webrevs-openjdk7-29_aug_2012-78e01a6ca8d3.patch - Resolves: rhbz#852299 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1386 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 CVE-2012-5070 CVE-2012-5074 CVE-2012-5076 CVE-2012-5087 CVE-2012-5088 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27766 | |||
Oval ID: | oval:org.mitre.oval:def:27766 | ||
Title: | DEPRECATED: ELSA-2012-0729 -- java-1.6.0-openjdk security update (critical) | ||
Description: | [1:1.6.0.0-1.48.1.11.3] - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz#828751 [1:1.6.0.0-1.47.1.11.3] - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added also to package.definition - Resolves: rhbz#828751 [1:1.6.0.0-1.46.1.11.3] - Sync with 6.3: - Bump to IcedTea6 1.11.3 - With removed patch8 - java-1.6.0-openjdk-jirafix_2820_2821.patch - Including patch7 - java-1.6.0-openjdk-jstack.patch - Including patch3, java-1.6.0-openjdk-java-access-bridge-security.patch modification - Resolves: rhbz#828751 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0729 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27767 | |||
Oval ID: | oval:org.mitre.oval:def:27767 | ||
Title: | DEPRECATED: ELSA-2012-0322 -- java-1.6.0-openjdk security update (important) | ||
Description: | [1.6.0.0-1.25.1.10.6.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.25.1.10.6] - Updated to IcedTea6 1.10.6 - Resolves: rhbz#787142 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687: Issues with TimeZone class - S7110700: Enhance exception throwing mechanism in ObjectStreamClass - S7110704: Issues with some method in corba - S7112642: Incorrect checking for graphics rendering object - S7118283: Better input parameter checking in zip file processing - S7126960: Add property to limit number of request headers to the HTTP Server - Bug fixes - RH580478: Desktop files should not use hardcoded path - Removed and deleted upstreamed patch7 - name-rmi-fix.patch - Removed and deleted upstreamed Hugepages patches: - Source100: 7034464-hugepage.patch - Source101: 7037939-hugepage.patch - Source102: 7043564-hugepage.patch | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0322 CVE-2011-3563 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2011-3571 CVE-2011-5035 CVE-2012-0507 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27774 | |||
Oval ID: | oval:org.mitre.oval:def:27774 | ||
Title: | DEPRECATED: ELSA-2012-1221 -- java-1.6.0-openjdk security update (critical) | ||
Description: | [1:1.6.0.0-1.49.1.11.4] - Updated to latest IedTea6 1.11.4 - Resolves: rhbz#853345 [1:1.6.0.0-1.48.1.11.3] - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz#828752 [1:1.6.0.0-1.47.1.11.3] - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added also to package.definition - Resolves: rhbz#828752 [1:1.6.0.0-1.46.1.11.3] - Updated to IcedTea6 1.11.3 - Removed upstreamed patch8 - java-1.6.0-openjdk-jirafix_2820_2821.patch - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added to patch - Resolves: rhbz#828752 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1221 CVE-2012-0547 CVE-2012-1682 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27790 | |||
Oval ID: | oval:org.mitre.oval:def:27790 | ||
Title: | DEPRECATED: ELSA-2012-1222 -- java-1.6.0-openjdk security update (important) | ||
Description: | [1.6.0.0-1.28.1.10.9.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.28.1.10.9] - Updated to latest IcedTea6 1.10.9 - Resolves: rhbz#846709 - Resolves: rhbz#853114 [1:1.6.0.0-1.27.1.10.8] - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz#828749 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1222 CVE-2012-0547 CVE-2012-1682 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27804 | |||
Oval ID: | oval:org.mitre.oval:def:27804 | ||
Title: | DEPRECATED: ELSA-2012-1384 -- java-1.6.0-openjdk security update (critical) | ||
Description: | [1:1.6.0.0-1.50.1.11.5] - Changed permissions of sa-jdi.jar to correct 644 - Resolves: rhbz#865045 [1:1.6.0.0-1.49.1.11.5] - Updated to IcedTea6 1.11.5 - Resolves rhbz#s 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1384 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27810 | |||
Oval ID: | oval:org.mitre.oval:def:27810 | ||
Title: | DEPRECATED: ELSA-2012-1385 -- java-1.6.0-openjdk security update (important) | ||
Description: | [1:1.6.0.0-1.28.1.10.10.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.28.1.10.10] - Updated to IcedTea6 1.10.10 - Resolves rhbz#s 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1385 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27922 | |||
Oval ID: | oval:org.mitre.oval:def:27922 | ||
Title: | DEPRECATED: ELSA-2012-0135 -- java-1.6.0-openjdk security update (critical) | ||
Description: | [1:1.6.0.0-1.43.1.10.6] - Updated to IcedTea6 1.10.6 - Resolves: rhbz#787144 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687: Issues with TimeZone class - S7110700: Enhance exception throwing mechanism in ObjectStreamClass - S7110704: Issues with some method in corba - S7112642: Incorrect checking for graphics rendering object - S7118283: Better input parameter checking in zip file processing - S7126960: Add property to limit number of request headers to the HTTP Server - Bug fixes - RH580478: Desktop files should not use hardcoded path - Removed upstreamed patch7 - java-1.6.0-openjdk-6_2-Z-rmi-fix.patch | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0135 CVE-2011-3563 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2011-3571 CVE-2011-5035 CVE-2012-0507 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Java JAX-WS gmbal package sandbox breach | More info here |
Java JAX-WS statistics.impl package sandbox breach | More info here |
Oracle Java java.awt.image.ByteComponentRaster Overflow | More info here |
Java SE AtomicReferenceArray Unsafe Security Bypass | More info here |
Java Runtime Environment DriverManager doPrivileged block sandbox bypass | More info here |
Oracle Java Runtime Hotspot Bytecode Verifier Type Confusion | More info here |
Oracle Java Runtime Environment AWT storeImageArray Vulnerability | More info here |
Java Runtime Environment Hotspot final field vulnerability | More info here |
Java Runtime Environment java.awt.image.IntegerComponentRaster buffer overflow | More info here |
Java Web Start initial heap size command injection | More info here |
Java Runtime Environment Color Management memory overwrite | More info here |
Oracle Java findMethod findClass Security Bypass | More info here |
Java MBeanInstantiator.findClass and Recursive Reflection Sandbox Escape | More info here |
Oracle Java Serviceability Subcomponent ProviderSkeleton Class Vulnerability | More info here |
ExploitDB Exploits
id | Description |
---|---|
2013-09-03 | Oracle Java lookUpByteBI - Heap Buffer Overflow |
2013-08-19 | Java storeImageArray() Invalid Array Indexing Vulnerability |
2013-07-01 | Java Applet ProviderSkeleton Insecure Invoke Method |
2013-06-11 | Java Applet Driver Manager Privileged toString() Remote Code Execution |
2013-06-11 | Java Web Start Double Quote Injection Remote Code Execution |
2013-04-18 | Java Web Start Launcher ActiveX Control - Memory Corruption |
2013-03-29 | Java CMM Remote Code Execution |
2013-01-24 | Java Applet AverageRangeStatisticImpl Remote Code Execution |
2013-01-24 | Java Applet Method Handle Remote Code Execution |
2013-01-11 | Java Applet JMX Remote Code Execution |
2012-11-13 | Java Applet JAX-WS Remote Code Execution |
2012-07-11 | Java Applet Field Bytecode Verifier Cache Remote Code Execution |
2012-03-30 | Java AtomicReferenceArray Type Violation Vulnerability |
2012-01-03 | PHP Hash Table Collision Proof Of Concept |
OpenVAS Exploits
Date | Description |
---|---|
2012-12-13 | Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1424-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_1424_1.nasl |
2012-12-13 | Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1423-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_1423_1.nasl |
2012-12-13 | Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1175-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_1175_1.nasl |
2012-12-13 | Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:0828-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_0828_1.nasl |
2012-11-02 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:169 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_169.nasl |
2012-10-29 | Name : Ubuntu Update for openjdk-7 USN-1619-1 File : nvt/gb_ubuntu_USN_1619_1.nasl |
2012-10-19 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1384-01 File : nvt/gb_RHSA-2012_1384-01_java-1.6.0-openjdk.nasl |
2012-10-19 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1385-01 File : nvt/gb_RHSA-2012_1385-01_java-1.6.0-openjdk.nasl |
2012-10-19 | Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1386-01 File : nvt/gb_RHSA-2012_1386-01_java-1.7.0-openjdk.nasl |
2012-10-19 | Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Oct (Windows) File : nvt/gb_oracle_java_se_mult_vuln01_oct12_win.nasl |
2012-10-19 | Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 oct12 (Windows) File : nvt/gb_oracle_java_se_mult_vuln02_oct12_win.nasl |
2012-10-19 | Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 oct12 (Windows) File : nvt/gb_oracle_java_se_mult_vuln03_oct12_win.nasl |
2012-10-19 | Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-04 oct12 (Windows) File : nvt/gb_oracle_java_se_mult_vuln04_oct12_win.nasl |
2012-10-19 | Name : CentOS Update for java CESA-2012:1386 centos6 File : nvt/gb_CESA-2012_1386_java_centos6.nasl |
2012-10-19 | Name : CentOS Update for java CESA-2012:1385 centos5 File : nvt/gb_CESA-2012_1385_java_centos5.nasl |
2012-10-19 | Name : CentOS Update for java CESA-2012:1384 centos6 File : nvt/gb_CESA-2012_1384_java_centos6.nasl |
2012-10-19 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16346 File : nvt/gb_fedora_2012_16346_java-1.7.0-openjdk_fc17.nasl |
2012-10-19 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-16351 File : nvt/gb_fedora_2012_16351_java-1.6.0-openjdk_fc16.nasl |
2012-10-19 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16351 File : nvt/gb_fedora_2012_16351_java-1.7.0-openjdk_fc16.nasl |
2012-10-09 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:150-1 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_150_1.nasl |
2012-09-22 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-13127 File : nvt/gb_fedora_2012_13127_java-1.6.0-openjdk_fc16.nasl |
2012-09-21 | Name : Java for Mac OS X 10.6 Update 10 File : nvt/gb_macosx_java_10_6_upd_10.nasl |
2012-09-06 | Name : Ubuntu Update for icedtea-web USN-1505-2 File : nvt/gb_ubuntu_USN_1505_2.nasl |
2012-09-04 | Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1223-01 File : nvt/gb_RHSA-2012_1223-01_java-1.7.0-openjdk.nasl |
2012-09-04 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1222-01 File : nvt/gb_RHSA-2012_1222-01_java-1.6.0-openjdk.nasl |
2012-09-04 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1221-01 File : nvt/gb_RHSA-2012_1221-01_java-1.6.0-openjdk.nasl |
2012-09-04 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-13131 File : nvt/gb_fedora_2012_13131_java-1.7.0-openjdk_fc17.nasl |
2012-09-04 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-13138 File : nvt/gb_fedora_2012_13138_java-1.7.0-openjdk_fc16.nasl |
2012-09-04 | Name : CentOS Update for java CESA-2012:1223 centos6 File : nvt/gb_CESA-2012_1223_java_centos6.nasl |
2012-09-04 | Name : CentOS Update for java CESA-2012:1222 centos5 File : nvt/gb_CESA-2012_1222_java_centos5.nasl |
2012-09-04 | Name : CentOS Update for java CESA-2012:1221 centos6 File : nvt/gb_CESA-2012_1221_java_centos6.nasl |
2012-09-04 | Name : Ubuntu Update for openjdk-6 USN-1553-1 File : nvt/gb_ubuntu_USN_1553_1.nasl |
2012-09-03 | Name : Oracle Java SE JRE Multiple Remote Code Execution Vulnerabilities - (Windows) File : nvt/gb_oracle_java_se_jre_mult_code_exec_vuln_win.nasl |
2012-09-03 | Name : Oracle Java SE JRE AWT Component Unspecified Vulnerability - (Windows) File : nvt/gb_oracle_java_se_jre_awt_comp_unspecified_vuln_win.nasl |
2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
2012-08-30 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-9590 File : nvt/gb_fedora_2012_9590_java-1.7.0-openjdk_fc17.nasl |
2012-08-30 | Name : FreeBSD Ports: openjdk File : nvt/freebsd_openjdk.nasl |
2012-08-30 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-2595 File : nvt/gb_fedora_2012_2595_java-1.7.0-openjdk_fc17.nasl |
2012-08-23 | Name : Oracle Java SE Java Runtime Environment Multiple Unspecified Vulnerabilities(... File : nvt/gb_oracle_java_se_mult_unspecified_vuln02_aug12_win.nasl |
2012-08-22 | Name : Oracle Java SE Java Runtime Environment Multiple Unspecified Vulnerabilities(... File : nvt/gb_oracle_java_se_mult_unspecified_vuln01_aug12_win.nasl |
2012-08-22 | Name : Oracle Java SE Java Runtime Environment Multiple Unspecified Vulnerabilities ... File : nvt/gb_oracle_java_se_mult_unspecified_vuln_aug12_win.nasl |
2012-08-22 | Name : Oracle Java SE Java Runtime Environment Unspecified Vulnerability - (Windows) File : nvt/gb_oracle_java_se_unspecified_vuln_win.nasl |
2012-08-22 | Name : Oracle Java SE Java Runtime Environment Code Execution Vulnerability - (Windows) File : nvt/gb_oracle_java_se_code_exec_vuln_win.nasl |
2012-08-10 | Name : Debian Security Advisory DSA 2507-1 (openjdk-6) File : nvt/deb_2507_1.nasl |
2012-08-03 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:095 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_095.nasl |
2012-08-02 | Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:0309-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_0309_1.nasl |
2012-07-30 | Name : CentOS Update for java CESA-2012:0730 centos5 File : nvt/gb_CESA-2012_0730_java_centos5.nasl |
2012-07-30 | Name : CentOS Update for java CESA-2012:1009 centos6 File : nvt/gb_CESA-2012_1009_java_centos6.nasl |
2012-07-30 | Name : CentOS Update for java CESA-2012:0729 centos6 File : nvt/gb_CESA-2012_0729_java_centos6.nasl |
2012-07-30 | Name : CentOS Update for java CESA-2012:0135 centos6 File : nvt/gb_CESA-2012_0135_java_centos6.nasl |
2012-07-16 | Name : Ubuntu Update for openjdk-6 USN-1505-1 File : nvt/gb_ubuntu_USN_1505_1.nasl |
2012-07-09 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0135-01 File : nvt/gb_RHSA-2012_0135-01_java-1.6.0-openjdk.nasl |
2012-06-22 | Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1009-01 File : nvt/gb_RHSA-2012_1009-01_java-1.7.0-openjdk.nasl |
2012-06-19 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9545 File : nvt/gb_fedora_2012_9545_java-1.6.0-openjdk_fc16.nasl |
2012-06-19 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-9593 File : nvt/gb_fedora_2012_9593_java-1.7.0-openjdk_fc16.nasl |
2012-06-19 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9541 File : nvt/gb_fedora_2012_9541_java-1.6.0-openjdk_fc15.nasl |
2012-06-15 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0730-01 File : nvt/gb_RHSA-2012_0730-01_java-1.6.0-openjdk.nasl |
2012-06-15 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0729-01 File : nvt/gb_RHSA-2012_0729-01_java-1.6.0-openjdk.nasl |
2012-04-09 | Name : Java Runtime Environment Multiple Vulnerabilities (MAC OS X) File : nvt/gb_jre_mult_vuln_macosx.nasl |
2012-04-02 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-1711 File : nvt/gb_fedora_2012_1711_java-1.6.0-openjdk_fc16.nasl |
2012-04-02 | Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-1690 File : nvt/gb_fedora_2012_1690_java-1.7.0-openjdk_fc16.nasl |
2012-03-12 | Name : Debian Security Advisory DSA 2420-1 (openjdk-6) File : nvt/deb_2420_1.nasl |
2012-03-09 | Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-1721 File : nvt/gb_fedora_2012_1721_java-1.6.0-openjdk_fc15.nasl |
2012-03-09 | Name : Ubuntu Update for openjdk-6 USN-1373-1 File : nvt/gb_ubuntu_USN_1373_1.nasl |
2012-03-07 | Name : Ubuntu Update for openjdk-6b18 USN-1373-2 File : nvt/gb_ubuntu_USN_1373_2.nasl |
2012-02-27 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0322-01 File : nvt/gb_RHSA-2012_0322-01_java-1.6.0-openjdk.nasl |
2012-02-21 | Name : Oracle Java SE JDK Multiple Vulnerabilities - February 2012 (Windows - 03) File : nvt/gb_oracle_java_se_jdk_mult_vuln_feb12_win_03.nasl |
2012-02-21 | Name : Oracle Java SE JDK Multiple Vulnerabilities - February 2012 (Windows - 02) File : nvt/gb_oracle_java_se_jdk_mult_vuln_feb12_win_02.nasl |
2012-02-21 | Name : Oracle Java SE JDK Multiple Vulnerabilities - February 2012 (Windows - 01) File : nvt/gb_oracle_java_se_jdk_mult_vuln_feb12_win_01.nasl |
2012-02-21 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:021 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_021.nasl |
2012-02-21 | Name : Oracle Java SE JRE Multiple Vulnerabilities - February 2012 (Windows - 03) File : nvt/gb_oracle_java_se_mult_vuln_feb12_win_03.nasl |
2012-02-21 | Name : Oracle Java SE JRE Multiple Vulnerabilities - February 2012 (Windows - 02) File : nvt/gb_oracle_java_se_mult_vuln_feb12_win_02.nasl |
2012-02-21 | Name : Oracle Java SE JRE Multiple Vulnerabilities - February 2012 (Windows - 01) File : nvt/gb_oracle_java_se_mult_vuln_feb12_win_01.nasl |
2012-01-05 | Name : Oracle GlassFish Server Hash Collision Denial of Service Vulnerability File : nvt/gb_glassfish_hash_collision_dos_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78114 | Oracle GlassFish Server Hash Collission Form Parameter Parsing Remote DoS Oracle GlassFish Server contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-02-27 | IAVM : 2014-B-0019 - Multiple Vulnerabilities in Apache Tomcat Severity : Category I - VMSKEY : V0044527 |
2014-01-16 | IAVM : 2014-A-0010 - Multiple Vulnerabilities in Oracle Java SE Severity : Category I - VMSKEY : V0043398 |
2013-10-17 | IAVM : 2013-A-0191 - Multiple Vulnerabilities in Java for Mac OS X Severity : Category I - VMSKEY : V0040779 |
2013-10-17 | IAVM : 2013-A-0200 - Multiple Vulnerabilities in Oracle Java Severity : Category I - VMSKEY : V0040783 |
2013-10-17 | IAVM : 2013-A-0199 - Multiple Vulnerabilities in Oracle Fusion Middleware Severity : Category I - VMSKEY : V0040786 |
2013-09-19 | IAVM : 2013-A-0181 - Multiple Vulnerabilities in Junos Pulse Secure Access Service (IVE) Severity : Category I - VMSKEY : V0040371 |
2013-09-19 | IAVM : 2013-A-0180 - Multiple Vulnerabilities in Juniper Networks Junos Pulse Access Service Acces... Severity : Category I - VMSKEY : V0040372 |
2013-09-19 | IAVM : 2013-A-0179 - Apple Mac OS X Security Update 2013-004 Severity : Category I - VMSKEY : V0040373 |
2013-04-11 | IAVM : 2013-A-0077 - Multiple Vulnerabilities in OpenSSL Severity : Category I - VMSKEY : V0037605 |
2012-09-27 | IAVM : 2012-A-0153 - Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity : Category I - VMSKEY : V0033884 |
2012-09-13 | IAVM : 2012-A-0146 - Multiple Vulnerabilities in VMware vCenter Update Manager 4.1 Severity : Category I - VMSKEY : V0033792 |
2012-09-13 | IAVM : 2012-A-0147 - Multiple Vulnerabilities in VMware vCenter Server 4.1 Severity : Category I - VMSKEY : V0033793 |
2012-09-13 | IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0033794 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-05-21 | Oracle Java privileged protection domain exploitation attempt RuleID : 49846 - Revision : 1 - Type : FILE-JAVA |
2019-05-21 | Oracle Java privileged protection domain exploitation attempt RuleID : 49845 - Revision : 1 - Type : FILE-JAVA |
2019-03-26 | Oracle Java ImagingLib buffer overflow attempt RuleID : 49256 - Revision : 1 - Type : FILE-JAVA |
2019-03-26 | Oracle Java ImagingLib buffer overflow attempt RuleID : 49255 - Revision : 2 - Type : FILE-JAVA |
2019-03-12 | Oracle Java JPEGImageWriter memory corruption attempt RuleID : 49117 - Revision : 1 - Type : FILE-JAVA |
2019-03-12 | Oracle Java JPEGImageWriter memory corruption attempt RuleID : 49116 - Revision : 1 - Type : FILE-JAVA |
2018-04-05 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45830 - Revision : 1 - Type : SERVER-OTHER |
2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45201 - Revision : 2 - Type : SERVER-OTHER |
2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45200 - Revision : 2 - Type : SERVER-OTHER |
2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45199 - Revision : 2 - Type : SERVER-OTHER |
2016-07-28 | Oracle Java RangeStatisticImpl sandbox breach attempt RuleID : 39355 - Revision : 1 - Type : FILE-JAVA |
2016-07-28 | Oracle Java RangeStatisticImpl sandbox breach attempt RuleID : 39354 - Revision : 1 - Type : FILE-JAVA |
2016-04-26 | Oracle Java Class Loader namespace sandbox bypass attempt RuleID : 38339 - Revision : 2 - Type : FILE-JAVA |
2016-04-26 | Oracle Java Class Loader namespace sandbox bypass attempt RuleID : 38338 - Revision : 2 - Type : FILE-JAVA |
2016-03-24 | Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 37821 - Revision : 1 - Type : FILE-JAVA |
2016-03-24 | Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 37820 - Revision : 1 - Type : FILE-JAVA |
2016-03-24 | Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 37819 - Revision : 1 - Type : FILE-JAVA |
2016-03-24 | Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 37818 - Revision : 1 - Type : FILE-JAVA |
2016-03-22 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 37805 - Revision : 3 - Type : FILE-JAVA |
2016-03-22 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 37804 - Revision : 4 - Type : FILE-JAVA |
2016-03-22 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 37803 - Revision : 2 - Type : FILE-JAVA |
2016-03-22 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 37802 - Revision : 2 - Type : FILE-JAVA |
2015-09-08 | Oracle Java VersionHelper loadClass sandbox bypass attempt RuleID : 35469 - Revision : 2 - Type : FILE-JAVA |
2015-09-08 | Oracle Java VersionHelper loadClass sandbox bypass attempt RuleID : 35468 - Revision : 3 - Type : FILE-JAVA |
2015-09-08 | Oracle Java VersionHelper loadClass sandbox bypass attempt RuleID : 35467 - Revision : 3 - Type : FILE-JAVA |
2015-04-30 | Nuclear exploit kit obfuscated file download RuleID : 33983 - Revision : 5 - Type : EXPLOIT-KIT |
2015-04-30 | Nuclear exploit kit landing page detected RuleID : 33982 - Revision : 3 - Type : EXPLOIT-KIT |
2014-11-16 | Oracle Java Web Start arbitrary command execution attempt RuleID : 31946 - Revision : 2 - Type : FILE-JAVA |
2014-11-16 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 31541 - Revision : 7 - Type : FILE-JAVA |
2014-11-16 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 31540 - Revision : 6 - Type : FILE-JAVA |
2014-11-16 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 31512 - Revision : 3 - Type : FILE-JAVA |
2014-11-16 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 31511 - Revision : 3 - Type : FILE-JAVA |
2014-11-16 | Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt RuleID : 31367 - Revision : 6 - Type : FILE-JAVA |
2014-11-16 | Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt RuleID : 31366 - Revision : 7 - Type : FILE-JAVA |
2014-11-16 | CottonCastle exploit kit decryption page outbound request RuleID : 31279 - Revision : 3 - Type : EXPLOIT-KIT |
2014-11-16 | CottonCastle exploit kit Oracle java outbound connection RuleID : 31278 - Revision : 2 - Type : EXPLOIT-KIT |
2014-11-16 | CottonCastle exploit kit Oracle Java outbound connection RuleID : 31277 - Revision : 2 - Type : EXPLOIT-KIT |
2014-04-17 | Oracle Java font rendering remote code execution attempt RuleID : 30218 - Revision : 3 - Type : FILE-JAVA |
2014-04-17 | Oracle Java font rendering remote code execution attempt RuleID : 30217 - Revision : 2 - Type : FILE-JAVA |
2018-06-15 | Hello/LightsOut exploit kit payload download attempt RuleID : 30003-community - Revision : 6 - Type : EXPLOIT-KIT |
2014-04-03 | Hello/LightsOut exploit kit payload download attempt RuleID : 30003 - Revision : 6 - Type : EXPLOIT-KIT |
2014-03-29 | Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt RuleID : 29972 - Revision : 2 - Type : FILE-JAVA |
2014-03-29 | Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt RuleID : 29971 - Revision : 2 - Type : FILE-JAVA |
2014-03-29 | Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt RuleID : 29970 - Revision : 2 - Type : FILE-JAVA |
2014-03-29 | Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt RuleID : 29969 - Revision : 2 - Type : FILE-JAVA |
2014-03-06 | Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 29606 - Revision : 4 - Type : FILE-JAVA |
2014-03-06 | Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 29605 - Revision : 3 - Type : FILE-JAVA |
2014-03-01 | Oracle Java ShortComponentRaster integer overflow attempt RuleID : 29491 - Revision : 4 - Type : FILE-JAVA |
2014-03-01 | Oracle Java ShortComponentRaster integer overflow attempt RuleID : 29490 - Revision : 4 - Type : FILE-JAVA |
2014-02-21 | Styx exploit kit eot outbound connection RuleID : 29453 - Revision : 2 - Type : EXPLOIT-KIT |
2014-02-21 | Styx exploit kit landing page request RuleID : 29452 - Revision : 2 - Type : EXPLOIT-KIT |
2014-02-21 | Styx exploit kit outbound jar request RuleID : 29451 - Revision : 2 - Type : EXPLOIT-KIT |
2014-02-21 | Styx exploit kit outbound connection attempt RuleID : 29450 - Revision : 2 - Type : EXPLOIT-KIT |
2014-02-21 | Styx exploit kit landing page RuleID : 29449 - Revision : 3 - Type : EXPLOIT-KIT |
2014-02-21 | Styx exploit kit landing page RuleID : 29448 - Revision : 2 - Type : EXPLOIT-KIT |
2014-02-21 | Styx exploit kit jar outbound connection RuleID : 29446 - Revision : 9 - Type : EXPLOIT-KIT |
2014-02-21 | Styx exploit kit fonts download page RuleID : 29445 - Revision : 2 - Type : EXPLOIT-KIT |
2014-02-08 | Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 29273 - Revision : 7 - Type : FILE-JAVA |
2014-02-08 | Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 29272 - Revision : 7 - Type : FILE-JAVA |
2014-02-08 | Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 29271 - Revision : 6 - Type : FILE-JAVA |
2014-02-08 | Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt RuleID : 29270 - Revision : 6 - Type : FILE-JAVA |
2014-02-08 | Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt RuleID : 29269 - Revision : 2 - Type : FILE-JAVA |
2014-02-08 | Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt RuleID : 29268 - Revision : 3 - Type : FILE-JAVA |
2014-02-08 | Oracle Java and JavaFX JPEGImageReader memory corruption attempt RuleID : 29219 - Revision : 2 - Type : FILE-JAVA |
2014-02-08 | Oracle Java and JavaFX JPEGImageReader memory corruption attempt RuleID : 29218 - Revision : 3 - Type : FILE-JAVA |
2014-02-08 | Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt RuleID : 29215 - Revision : 2 - Type : FILE-JAVA |
2014-02-08 | Oracle Java JPEGImageWriter memory corruption attempt RuleID : 29214 - Revision : 3 - Type : FILE-JAVA |
2014-01-30 | Stamp exploit kit PDF exploit retrieval attempt RuleID : 29131 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-30 | Stamp exploit kit malicious payload download attempt RuleID : 29130 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-30 | Stamp exploit kit jar exploit download - specific structure RuleID : 29129 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-30 | Stamp exploit kit plugin detection page RuleID : 29128 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-16 | Oracle Java ImagingLib buffer overflow attempt RuleID : 28927 - Revision : 3 - Type : FILE-JAVA |
2014-01-16 | Oracle Java ImagingLib buffer overflow attempt RuleID : 28926 - Revision : 3 - Type : FILE-JAVA |
2014-01-16 | Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt RuleID : 28916 - Revision : 6 - Type : FILE-JAVA |
2014-01-16 | Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt RuleID : 28915 - Revision : 7 - Type : FILE-JAVA |
2014-01-11 | Neutrino exploit kit initial outbound request - generic detection RuleID : 28911 - Revision : 3 - Type : EXPLOIT-KIT |
2018-06-15 | Goon/Infinity exploit kit payload download attempt RuleID : 28795-community - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Goon/Infinity exploit kit payload download attempt RuleID : 28795 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit landing page request RuleID : 28478 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit outbound pdf request RuleID : 28477 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request by Java - generic detection RuleID : 28476 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request - generic detection RuleID : 28475 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound plugin detection response - generic detection RuleID : 28474 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28460 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28459 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit landing page RuleID : 28458 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28457 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28456 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28455 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Win.Trojan.Bspire variant connection RuleID : 28439 - Revision : 5 - Type : MALWARE-CNC |
2014-01-10 | Glazunov exploit kit zip file download RuleID : 28430-community - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Glazunov exploit kit zip file download RuleID : 28430 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Glazunov exploit kit outbound jnlp download attempt RuleID : 28429-community - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Glazunov exploit kit outbound jnlp download attempt RuleID : 28429 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Glazunov exploit kit landing page RuleID : 28428-community - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Glazunov exploit kit landing page RuleID : 28428 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Himan exploit kit payload - Oracle Java compromise RuleID : 28309 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Himan exploit kit landing page RuleID : 28307 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28304 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28298 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 28277 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 28276 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28275 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28274 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28273 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28214 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java XML digital signature spoofing attempt RuleID : 28157 - Revision : 3 - Type : BROWSER-PLUGINS |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 28032 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit Oracle Java exploit download attempt RuleID : 28031 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Payload detection - readme.dll RuleID : 27898 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Payload detection - calc.dll RuleID : 27897 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Payload detection - contacts.dll RuleID : 27896 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Payload detection - info.dll RuleID : 27895 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Payload detection - about.dll RuleID : 27894 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Teletubbies exploit kit payload download RuleID : 27885 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Teletubbies exploit kit exploit attempt for Oracle Java RuleID : 27883 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2/Darkleech exploit kit landing page request RuleID : 27865-community - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2/Darkleech exploit kit landing page request RuleID : 27865 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit malicious redirection attempt RuleID : 27815 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit landing page request RuleID : 27814 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit landing page with payload RuleID : 27813 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java ImagingLib buffer overflow attempt RuleID : 27787 - Revision : 4 - Type : FILE-JAVA |
2014-01-10 | Oracle Java ImagingLib buffer overflow attempt RuleID : 27786 - Revision : 3 - Type : FILE-JAVA |
2014-01-10 | Neutrino exploit kit outbound request format RuleID : 27785 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit Oracle Java exploit download attempt RuleID : 27784 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java ImagingLib buffer overflow attempt RuleID : 27765 - Revision : 4 - Type : FILE-JAVA |
2014-01-10 | Oracle Java ImagingLib buffer overflow attempt RuleID : 27764 - Revision : 3 - Type : FILE-JAVA |
2014-01-10 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 27751 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 27750 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Gong Da exploit kit possible jar download RuleID : 27706 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Gong Da exploit kit Java exploit requested RuleID : 27705 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Gong Da exploit kit Java exploit requested RuleID : 27704 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Gong Da exploit kit plugin detection RuleID : 27703 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Gong Da exploit kit landing page RuleID : 27702 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Gong Da Jar file download RuleID : 27701 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Kore exploit kit successful Java exploit RuleID : 27697 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Kore exploit kit landing page RuleID : 27696 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Kore exploit kit landing page RuleID : 27695 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 27692 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 27691 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27677 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27676 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27675 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27674 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27673 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27672 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27622 - Revision : 10 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption... RuleID : 27621 - Revision : 10 - Type : FILE-JAVA |
2014-01-10 | iFramer toolkit injected iframe detected - specific structure RuleID : 27271 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java Applet ProviderSkeleton sandbox bypass attempt RuleID : 27191 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Applet ProviderSkeleton sandbox bypass attempt RuleID : 27190 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Applet ProviderSkeleton sandbox bypass attempt RuleID : 27189 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Applet ProviderSkeleton sandbox bypass attempt RuleID : 27188 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Private exploit kit outbound traffic RuleID : 27144-community - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Private exploit kit outbound traffic RuleID : 27144 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Private exploit kit landing page RuleID : 27143 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Private exploit kit landing page RuleID : 27142 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Private exploit kit landing page RuleID : 27141 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Private exploit kit numerically named exe file dowload RuleID : 27140 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 27113-community - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 27113 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Nailed exploit kit jmxbean remote code execution exploit download - autopwn RuleID : 27083 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java Applet disable security manager attempt RuleID : 27077 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Applet disable security manager attempt RuleID : 27076 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Blackhole exploit kit landing page retrieval RuleID : 27072 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page retrieval RuleID : 27071 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit JNLP request RuleID : 27070 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page - specific structure RuleID : 27067 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit plugin detection connection jovf RuleID : 27042-community - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit plugin detection connection jovf RuleID : 27042 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit plugin detection connection jlnp RuleID : 27041-community - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit plugin detection connection jlnp RuleID : 27041 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit plugin detection connection jorg RuleID : 27040-community - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit plugin detection connection jorg RuleID : 27040 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Javadoc generated frame replacement attempt RuleID : 26994 - Revision : 4 - Type : BROWSER-PLUGINS |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 26950-community - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt RuleID : 26950 - Revision : 10 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download RuleID : 26948-community - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download RuleID : 26948 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download RuleID : 26947-community - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download RuleID : 26947 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Java Applet sql.DriverManager exploit attempt RuleID : 26901 - Revision : 7 - Type : BROWSER-PLUGINS |
2014-01-10 | Java Applet sql.DriverManager exploit attempt RuleID : 26900 - Revision : 5 - Type : BROWSER-PLUGINS |
2014-01-10 | Java Applet sql.DriverManager fakedriver exploit attempt RuleID : 26899 - Revision : 5 - Type : BROWSER-PLUGINS |
2014-01-10 | Java Applet sql.DriverManager fakedriver exploit attempt RuleID : 26898 - Revision : 5 - Type : BROWSER-PLUGINS |
2014-01-10 | Sweet Orange exploit kit landing page in.php base64 uri RuleID : 26834-community - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange exploit kit landing page in.php base64 uri RuleID : 26834 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Goon/Infinity/Redkit exploit kit short jar request RuleID : 26808 - Revision : 11 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page RuleID : 26807 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit short JNLP request RuleID : 26806 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit encrypted binary download RuleID : 26805 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange exploit kit landing page RuleID : 26804 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java Web Start control launchapp embed access RuleID : 26767 - Revision : 6 - Type : BROWSER-PLUGINS |
2014-01-10 | Oracle Java Web Start control launchapp ActiveX clsid access RuleID : 26766 - Revision : 5 - Type : BROWSER-PLUGINS |
2014-01-10 | Oracle Java Web Start control launchapp ActiveX function call access RuleID : 26765 - Revision : 6 - Type : BROWSER-PLUGINS |
2014-01-10 | Oracle Java Web Start control launchapp ActiveX clsid access RuleID : 26764 - Revision : 5 - Type : BROWSER-PLUGINS |
2014-01-10 | Oracle Java font rendering remote code execution attempt RuleID : 26717 - Revision : 5 - Type : FILE-JAVA |
2014-01-10 | Oracle Java font rendering remote code execution attempt RuleID : 26716 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Multiple exploit kit landing page - specific structure RuleID : 26653 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | iFramer injection - specific structure RuleID : 26617 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Impact/Stamp exploit kit landing page RuleID : 26600 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Impact/Stamp exploit kit landing page RuleID : 26599 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26552 - Revision : 4 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26551 - Revision : 4 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26550 - Revision : 5 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26549 - Revision : 5 - Type : FILE-JAVA |
2014-01-10 | Multiple exploit kit successful redirection - jnlp bypass RuleID : 26541 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | iFramer injection - specific structure RuleID : 26540 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Sakura exploit kit pdf download detection RuleID : 26539 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Sakura exploit kit landing page received RuleID : 26538 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Sakura exploit kit jar download detection RuleID : 26537 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Stamp exploit kit landing page RuleID : 26536 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit landing page - specific structure RuleID : 26535 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Portable Executable downloaded with bad DOS stub RuleID : 26526-community - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Portable Executable downloaded with bad DOS stub RuleID : 26526 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java payload detection RuleID : 26512 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Sakura exploit kit redirection structure RuleID : 26511 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit pdf payload detection RuleID : 26510 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit java payload detection RuleID : 26509 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Payload detection - info.dll RuleID : 26508 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page - specific structure RuleID : 26507 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit jar file redirection RuleID : 26506 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26500 - Revision : 4 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26499 - Revision : 5 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26487 - Revision : 4 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26486 - Revision : 5 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26485 - Revision : 5 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JRE reflection types public final field overwrite attempt RuleID : 26484 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Blackholev2 exploit kit jar file downloaded RuleID : 26434 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page RuleID : 26384 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page RuleID : 26383 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit java exploit request RuleID : 26377 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page redirection RuleID : 26351 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | TDS redirection - may lead to exploit kit RuleID : 26350 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit obfuscated portable executable RuleID : 26349 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit java exploit delivery RuleID : 26348 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit java exploit request RuleID : 26347 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit payload requested RuleID : 26346 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page RuleID : 26345 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page redirection RuleID : 26344 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Nuclear exploit kit landing page RuleID : 26343 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Nuclear exploit kit landing page - specific structure RuleID : 26342 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Nuclear exploit kit landing page RuleID : 26341 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page retrieval - ff.php RuleID : 26339 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | IFRAMEr injection detection - leads to exploit kit RuleID : 26338 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page - specific structure RuleID : 26337 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit redirection page RuleID : 26297 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit landing page RuleID : 26296 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Watering Hole Campaign applet download RuleID : 26294 - Revision : 5 - Type : FILE-OTHER |
2014-01-10 | Cool exploit kit malicious jar download RuleID : 26256 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit redirection page RuleID : 26254 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page RuleID : 26253 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Impact exploit kit landing page RuleID : 26252 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange exploit kit landing page RuleID : 26233 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange exploit kit landing page RuleID : 26232 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit MyApplet class retrieval RuleID : 26229 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit redirection page RuleID : 26228 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page retrieval RuleID : 26227 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Crimeboss exploit kit redirection attempt RuleID : 26226 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt RuleID : 26200 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib LookupOp integer overflow attempt RuleID : 26199 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 26198 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt RuleID : 26197 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib LookupOp integer overflow attempt RuleID : 26196 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt RuleID : 26195 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Gmbal package sandbox breach attempt RuleID : 26186 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Gmbal package sandbox breach attempt RuleID : 26185 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Neutrino exploit kit redirection page RuleID : 26100 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit redirection page RuleID : 26099 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit Java archive transfer RuleID : 26098 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit Java archive transfer RuleID : 26097 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit landing page RuleID : 26096 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Neutrino exploit kit landing page RuleID : 26095 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange exploit kit landing page RuleID : 26094 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 26091 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit landing page RuleID : 26090 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit Portable Executable download RuleID : 26056 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26055 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26054 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26053 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 26052 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious jar file download RuleID : 26051 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit SWF file download RuleID : 26050 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 26049 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit PDF exploit RuleID : 26048 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit redirection structure RuleID : 26047 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 26046 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Crimeboss exploit kit - Java exploit download RuleID : 26039 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Crimeboss exploit kit - Java exploit download RuleID : 26038 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Crimeboss exploit kit - Java exploit download RuleID : 26037 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Crimeboss exploit kit - Java Exploit RuleID : 26036 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit iframe redirection attempt RuleID : 26033 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page RuleID : 26031 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Known malicious jar archive download attempt RuleID : 26030 - Revision : 3 - Type : FILE-OTHER |
2014-01-10 | Java user-agent request to svchost.jpg RuleID : 26025 - Revision : 3 - Type : INDICATOR-COMPROMISE |
2014-01-10 | Gong Da exploit kit redirection page received RuleID : 26013 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page RuleID : 25989 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page RuleID : 25988 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit three number PDF Request RuleID : 25972 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit redirection RuleID : 25971 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit Portable Executable download RuleID : 25968 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25967 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25966 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25965 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25964 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit SWF file download RuleID : 25963 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25962 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit former location - has been removed RuleID : 25960 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25959 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25958 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25957 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious class file download RuleID : 25956 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious jar file download RuleID : 25955 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit SWF file download RuleID : 25954 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 25953 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 25952 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25951 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit PDF exploit RuleID : 25950 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25862 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25861 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page RuleID : 25860 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit malicious jar file download RuleID : 25859 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit Java exploit download RuleID : 25858 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit PDF exploit RuleID : 25857 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java JMX class arbitrary code execution attempt RuleID : 25834 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java malicious class download attempt RuleID : 25833 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JMX class arbitrary code execution attempt RuleID : 25832 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JMX class arbitrary code execution attempt RuleID : 25831 - Revision : 5 - Type : FILE-JAVA |
2014-01-10 | Oracle Java malicious class download attempt RuleID : 25830 - Revision : 12 - Type : FILE-JAVA |
2014-01-10 | SSLv3 plaintext recovery attempt RuleID : 25828 - Revision : 4 - Type : SERVER-OTHER |
2014-01-10 | TLSv1.2 plaintext recovery attempt RuleID : 25827 - Revision : 4 - Type : SERVER-OTHER |
2014-01-10 | TLSv1.1 plaintext recovery attempt RuleID : 25826 - Revision : 4 - Type : SERVER-OTHER |
2014-01-10 | TLSv1.0 plaintext recovery attempt RuleID : 25825 - Revision : 4 - Type : SERVER-OTHER |
2014-01-10 | Fiesta exploit kit landing page detection - specific-structure RuleID : 25808 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Whitehole exploit kit landing page RuleID : 25806 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Whitehole exploit kit Java exploit retrieval RuleID : 25805 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Whitehole exploit kit malicious jar download attempt RuleID : 25804 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit 32-alpha jar request RuleID : 25798 - Revision : 10 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit redirection successful RuleID : 25611 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25598 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25597 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25596 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25595 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25594 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25593 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page - specific structure RuleID : 25591 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page - specific structure RuleID : 25590 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool Exploit Kit SWF file download RuleID : 25576 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Cool Exploit Kit SWF file download RuleID : 25575 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Cool Exploit Kit SWF file download RuleID : 25574 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Cool Exploit Kit SWF file download RuleID : 25573 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page RuleID : 25569 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page retrieval RuleID : 25568 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Red Dot executable retrieval attempt RuleID : 25540 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Red Dot java retrieval attempt RuleID : 25539 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Red Dot landing page RuleID : 25538 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple Exploit Kit Payload detection - setup.exe RuleID : 25526 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25510 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit pdf exploit retrieval RuleID : 25509 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25508 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit pdf exploit retrieval RuleID : 25507 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25506 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25505 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java JMX class arbitrary code execution attempt RuleID : 25473 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JMX class arbitrary code execution attempt RuleID : 25472 - Revision : 12 - Type : FILE-JAVA |
2014-01-10 | Sweet Orange exploit kit obfuscated payload download RuleID : 25391 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange exploit kit landing page - specific structure RuleID : 25390 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange exploit kit landing page - specific structure RuleID : 25389 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit redirection successful RuleID : 25388 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Payload detection - readme.exe RuleID : 25387 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Payload detection - about.exe RuleID : 25386 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Payload detection - calc.exe RuleID : 25385 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Payload detection - contacts.exe RuleID : 25384 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit Payload detection - info.exe RuleID : 25383 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit malicious jar file dropped RuleID : 25382 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25328 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit pdf exploit retrieval RuleID : 25327 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit java exploit retrieval RuleID : 25326 - Revision : 10 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit pdf exploit retrieval RuleID : 25325 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page detected RuleID : 25324 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25323 - Revision : 10 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit EOT file download RuleID : 25322 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Multiple exploit kit malicious jar archive download RuleID : 25302 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | redirect to malicious java archive attempt RuleID : 25301 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit redirection attempt RuleID : 25255 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit portable executable download request RuleID : 25140 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit eot outbound connection RuleID : 25139 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit pdf outbound connection RuleID : 25138 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit jar outbound connection RuleID : 25137 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Styx exploit kit plugin detection connection RuleID : 25136 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Styx Exploit Kit outbound connection RuleID : 25135 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 25123 - Revision : 10 - Type : FILE-JAVA |
2014-01-10 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 25122 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 25121 - Revision : 5 - Type : FILE-JAVA |
2014-01-10 | Cool exploit kit 32-bit font file download RuleID : 25056 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit 64-bit font file download RuleID : 25055 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit outbound class retrieval RuleID : 25053 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit Java Exploit requested - 3 digit RuleID : 25052 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page redirection RuleID : 25051 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit requesting payload RuleID : 25045 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange exploit kit landing page - specific structure RuleID : 25044 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit url structure detected RuleID : 25043 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Java User-Agent downloading Portable Executable - Possible exploit kit RuleID : 25042 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java Applet remote code execution attempt RuleID : 24993 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Runtime true type font idef opcode heap buffer overflow attempt RuleID : 24915 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Nuclear exploit kit landing page detected RuleID : 24888 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page in an email RuleID : 24865 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page - specific-structure RuleID : 24864 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page in an email RuleID : 24863 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page - specific-structure RuleID : 24862 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page in an email RuleID : 24861 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page - specific-structure RuleID : 24860 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Sibhost exploit kit outbound JAR download attempt RuleID : 24841 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange exploit kit landing page - JAR redirection RuleID : 24840 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange exploit kit landing page - specific structure RuleID : 24839 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange User-Agent - contype RuleID : 24838 - Revision : 2 - Type : EXPLOIT-KIT |
2014-01-10 | Sweet Orange initial landing page RuleID : 24837 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Possible malicious Jar download attempt - specific-structure RuleID : 24798-community - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Possible malicious Jar download attempt - specific-structure RuleID : 24798 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | KaiXin exploit kit Java Class download RuleID : 24793 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit 64-bit font file download RuleID : 24784 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit 32-bit font file download RuleID : 24783 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit outbound request RuleID : 24782 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit outbound request RuleID : 24781 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit - PDF Exploit RuleID : 24780 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit - PDF Exploit RuleID : 24779 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Cool exploit kit landing page - Title RuleID : 24778 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24770 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24769 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Runtime true type font idef opcode heap buffer overflow attempt RuleID : 24701 - Revision : 12 - Type : FILE-JAVA |
2014-01-10 | KaiXin exploit kit attack vector attempt RuleID : 24670 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | KaiXin exploit kit attack vector attempt RuleID : 24669 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | KaiXin exploit kit attack vector attempt RuleID : 24668 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | KaiXin exploit kit attack vector attempt RuleID : 24667 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit redirection successful RuleID : 24638 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit redirection page - specific structure RuleID : 24637 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit redirection page - specific structure RuleID : 24636 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page download attempt RuleID : 24608 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page received - specific structure RuleID : 24593 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page download attempt RuleID : 24548 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page download attempt RuleID : 24547 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page download attempt RuleID : 24546 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole admin page outbound access attempt RuleID : 24544 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole admin page inbound access attempt RuleID : 24543 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit fallback executable download RuleID : 24501 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole - Cookie Set RuleID : 24475 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Crimeboss exploit kit outbound connection RuleID : 24234 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Crimeboss exploit kit outbound connection RuleID : 24233 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Crimeboss exploit kit outbound connection RuleID : 24232 - Revision : 4 - Type : EXPLOIT-KIT |
2014-01-10 | Crimeboss exploit kit redirection attempt RuleID : 24231 - Revision : 3 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page Received RuleID : 24228 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 - URI Structure RuleID : 24227 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Blackholev2 exploit kit landing page received RuleID : 24226 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 24202 - Revision : 10 - Type : FILE-JAVA |
2014-01-10 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 24201 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Blackhole possible email Landing to 8 chr folder RuleID : 24171 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24126 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24125 - Revision : 5 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24085 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24084 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24066 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24065 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24064 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24063 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24058 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24057 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24056 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24055 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Blackhole exploit kit landing page with specific structure RuleID : 24054 - Revision : 10 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific structure RuleID : 24053 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24038 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24037 - Revision : 6 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24036 - Revision : 7 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24028 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24027 - Revision : 10 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24026 - Revision : 16 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24025 - Revision : 11 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24024 - Revision : 10 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24023 - Revision : 11 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24022 - Revision : 10 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24021 - Revision : 10 - Type : FILE-JAVA |
2014-01-10 | Oracle Java privileged protection domain exploitation attempt RuleID : 24020 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Blackhole exploit kit landing page with specific structure - fewbgazr catch RuleID : 23962 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific structure - hwehes RuleID : 23850 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole redirection attempt RuleID : 23849 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole redirection attempt RuleID : 23848 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole redirection page RuleID : 23797 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific structure - Math.round catch RuleID : 23786 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific structure - Math.floor catch RuleID : 23785 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page RuleID : 23781 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page request - tkr RuleID : 23622 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific structure - prototype catch ... RuleID : 23619 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java Zip file directory record overflow attempt RuleID : 23560 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 23277 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 23276 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 23275 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 23274 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java field bytecode verifier cache code execution attempt RuleID : 23273 - Revision : 11 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Zip file directory record overflow attempt RuleID : 23243 - Revision : 13 - Type : FILE-JAVA |
2014-01-10 | Redkit exploit kit landing page Received - applet and flowbit RuleID : 23225 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page Requested - 8Digit.html RuleID : 23224 - Revision : 13 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page Received - applet and code RuleID : 23223 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit landing page Received - applet and 5 digit jar attempt RuleID : 23222 - Revision : 10 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit Jar File Naming Algorithm RuleID : 23221 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit Java Exploit Requested - 5 digit jar RuleID : 23220 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit exploit kit Java Exploit request to .class file RuleID : 23219 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Redkit Repeated Exploit Request Pattern RuleID : 23218 - Revision : 11 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page download attempt RuleID : 23159 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 23158 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Nuclear Pack exploit kit binary download RuleID : 23157 - Revision : 10 - Type : EXPLOIT-KIT |
2014-01-10 | Nuclear Pack exploit kit landing page RuleID : 23156 - Revision : 11 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole redirection attempt RuleID : 22949 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole Exploit Kit javascript service method RuleID : 22088 - Revision : 12 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole landing redirection page RuleID : 22041 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole suspected landing page RuleID : 22040 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole suspected landing page RuleID : 22039 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit landing page with specific structure - Loading RuleID : 21876 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Possible exploit kit post compromise activity - taskkill RuleID : 21875 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Possible exploit kit post compromise activity - StrReverse RuleID : 21874 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Java JRE sandbox breach attempt RuleID : 21869 - Revision : 8 - Type : FILE-OTHER |
2014-01-10 | Phoenix exploit kit post-compromise behavior RuleID : 21860 - Revision : 5 - Type : MALWARE-CNC |
2014-01-10 | Oracle Java JRE sandbox Atomic breach attempt RuleID : 21667 - Revision : 11 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JRE sandbox Atomic breach attempt RuleID : 21666 - Revision : 11 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JRE sandbox Atomic breach attempt RuleID : 21665 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Oracle Java JRE sandbox Atomic breach attempt RuleID : 21664 - Revision : 9 - Type : FILE-JAVA |
2014-01-10 | Blackhole exploit kit landing page with specific structure - catch RuleID : 21661 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page Requested - /Index/index.php RuleID : 21660 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page Requested - /Home/index.php RuleID : 21659 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page RuleID : 21658 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page - specific structure RuleID : 21657 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21646-community - Revision : 16 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21646 - Revision : 16 - Type : EXPLOIT-KIT |
2014-01-10 | Phoenix exploit kit landing page RuleID : 21640 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific structure - BBB RuleID : 21581 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific header RuleID : 21549 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific header RuleID : 21539 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21492-community - Revision : 22 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21492 - Revision : 22 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java Web Start arbitrary command execution attempt RuleID : 21481 - Revision : 14 - Type : FILE-JAVA |
2014-01-10 | Blackhole exploit kit JavaScript carat string splitting with hostile applet RuleID : 21438-community - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit JavaScript carat string splitting with hostile applet RuleID : 21438 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit URL - search.php?page= RuleID : 21348 - Revision : 8 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit URL - .php?page= RuleID : 21347 - Revision : 12 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit malicious jar download RuleID : 21346 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit malicious jar request RuleID : 21345 - Revision : 9 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit pdf download RuleID : 21344 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit pdf request RuleID : 21343 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit response RuleID : 21259 - Revision : 5 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit control panel access RuleID : 21141 - Revision : 7 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page RuleID : 21045 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit landing page RuleID : 21044 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit post-compromise download attempt - .php?e= RuleID : 21043 - Revision : 10 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit post-compromise download attempt - .php?f= RuleID : 21042 - Revision : 11 - Type : EXPLOIT-KIT |
2014-01-10 | Blackhole exploit kit URL - main.php?page= RuleID : 21041 - Revision : 12 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java Applet remote code execution attempt RuleID : 20622 - Revision : 18 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Web Start arbitrary command execution attempt RuleID : 16585 - Revision : 5 - Type : WEB-CLIENT |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-09-27 | Name : The remote Debian host is missing a security update. File : debian_DLA-1518.nasl - Type : ACT_GATHER_INFO |
2016-11-21 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL93600123.nasl - Type : ACT_GATHER_INFO |
2016-06-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL48802597.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-294.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0003_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0009_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0012_remote.nasl - Type : ACT_GATHER_INFO |
2015-10-13 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17381.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1489-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1489-2.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1490-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1256-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1669-1.nasl - Type : ACT_GATHER_INFO |
2015-05-15 | Name : The remote Debian host is missing a security update. File : debian_DLA-219.nasl - Type : ACT_GATHER_INFO |
2015-03-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3187.nasl - Type : ACT_GATHER_INFO |
2015-03-11 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2522-3.nasl - Type : ACT_GATHER_INFO |
2015-03-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2522-2.nasl - Type : ACT_GATHER_INFO |
2015-03-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2522-1.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_gnutls_20130924.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_nss_20140809.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_openssl_20130716.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_tomcat_20140522.nasl - Type : ACT_GATHER_INFO |
2015-01-13 | Name : The remote host has a library installed that is affected by an information di... File : tivoli_directory_svr_swg21638270.nasl - Type : ACT_GATHER_INFO |
2014-12-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10627.nasl - Type : ACT_GATHER_INFO |
2014-12-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10659.nasl - Type : ACT_GATHER_INFO |
2014-12-05 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_compat-openssl097g-141202.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0007.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0008.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1080.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1332.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-0636.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1456.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1793.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0414.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0416.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0982.nasl - Type : ACT_GATHER_INFO |
2014-11-06 | Name : The remote host has a version of Java installed that is affected by multiple ... File : macosx_java_2014-001.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL14190.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15630.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15637.nasl - Type : ACT_GATHER_INFO |
2014-08-22 | Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_jsa10642.nasl - Type : ACT_GATHER_INFO |
2014-08-11 | Name : The remote backup service is affected by multiple vulnerabilities. File : ibm_tsm_server_5_5_x.nasl - Type : ACT_GATHER_INFO |
2014-08-11 | Name : The remote backup service is affected by multiple vulnerabilities. File : ibm_tsm_server_6_1_x.nasl - Type : ACT_GATHER_INFO |
2014-08-11 | Name : The remote backup service is affected by multiple vulnerabilities. File : ibm_tsm_server_6_2_6_0.nasl - Type : ACT_GATHER_INFO |
2014-08-11 | Name : The remote backup service is affected by an information disclosure vulnerabil... File : ibm_tsm_server_6_3_4_200.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0675.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0685.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0705.nasl - Type : ACT_GATHER_INFO |
2014-07-28 | Name : The remote AIX host has a version of Java SDK installed that is potentially a... File : aix_java_jan2014_advisory.nasl - Type : ACT_GATHER_INFO |
2014-07-24 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0675.nasl - Type : ACT_GATHER_INFO |
2014-07-24 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0685.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_jrockit_cpu_apr_2012.nasl - Type : ACT_GATHER_INFO |
2014-07-18 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_jrockit_cpu_oct_2012.nasl - Type : ACT_GATHER_INFO |
2014-07-14 | Name : The remote mail server is affected by an information disclosure vulnerability. File : ipswitch_imail_12_3.nasl - Type : ACT_GATHER_INFO |
2014-06-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-32.nasl - Type : ACT_GATHER_INFO |
2014-06-18 | Name : The remote database server is affected by multiple vulnerabilities. File : db2_101fp3a.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-136.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-368.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-592.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-601.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-749.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-754.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-755.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-153.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-154.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-164.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-198.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-230.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-402.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-410.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-426.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-47.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-622.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-847.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-95.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-96.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_java-1_6_0-openjdk-120222.nasl - Type : ACT_GATHER_INFO |
2014-06-06 | Name : The version of IBM Tivoli Directory Server is affected by a frame injection v... File : tivoli_directory_svr_63025.nasl - Type : ACT_GATHER_INFO |
2014-06-03 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-140514.nasl - Type : ACT_GATHER_INFO |
2014-06-01 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-140515.nasl - Type : ACT_GATHER_INFO |
2014-05-29 | Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_5_5_2.nasl - Type : ACT_GATHER_INFO |
2014-05-19 | Name : The remote Windows host has a service installed that is affected by multiple ... File : websphere_mq_7503.nasl - Type : ACT_GATHER_INFO |
2014-05-19 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-100.nasl - Type : ACT_GATHER_INFO |
2014-05-12 | Name : The remote server is affected by multiple vulnerabilities. File : domino_9_0_1_fp1.nasl - Type : ACT_GATHER_INFO |
2014-05-12 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_domino_9_0_1_fp1.nasl - Type : ACT_GATHER_INFO |
2014-05-12 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_notes_9_0_1_fp1.nasl - Type : ACT_GATHER_INFO |
2014-04-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-326.nasl - Type : ACT_GATHER_INFO |
2014-04-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-327.nasl - Type : ACT_GATHER_INFO |
2014-04-18 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0407.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0406.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0407.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0408.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0406.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0408.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0406.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0407.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0408.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140416_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140416_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-04-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140416_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote AIX host is running a vulnerable version of OpenSSL. File : aix_openssl_advisory5.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2124-2.nasl - Type : ACT_GATHER_INFO |
2014-02-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2124-1.nasl - Type : ACT_GATHER_INFO |
2014-02-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-140213.nasl - Type : ACT_GATHER_INFO |
2014-02-25 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_6_0_39.nasl - Type : ACT_GATHER_INFO |
2014-02-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-042.nasl - Type : ACT_GATHER_INFO |
2014-02-18 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-140206.nasl - Type : ACT_GATHER_INFO |
2014-02-11 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-openjdk-140205.nasl - Type : ACT_GATHER_INFO |
2014-02-05 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-280.nasl - Type : ACT_GATHER_INFO |
2014-02-05 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-283.nasl - Type : ACT_GATHER_INFO |
2014-02-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0134.nasl - Type : ACT_GATHER_INFO |
2014-02-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0135.nasl - Type : ACT_GATHER_INFO |
2014-02-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0136.nasl - Type : ACT_GATHER_INFO |
2014-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0097.nasl - Type : ACT_GATHER_INFO |
2014-01-28 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0097.nasl - Type : ACT_GATHER_INFO |
2014-01-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0097.nasl - Type : ACT_GATHER_INFO |
2014-01-28 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140127_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-01-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-30.nasl - Type : ACT_GATHER_INFO |
2014-01-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2089-1.nasl - Type : ACT_GATHER_INFO |
2014-01-21 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-011.nasl - Type : ACT_GATHER_INFO |
2014-01-20 | Name : The remote VMware ESXi 5.1 host is affected by multiple vulnerabilities. File : vmware_esxi_5_1_build_1483097_remote.nasl - Type : ACT_GATHER_INFO |
2014-01-20 | Name : The remote application server is potentially affected by multiple vulnerabili... File : websphere_7_0_0_31.nasl - Type : ACT_GATHER_INFO |
2014-01-20 | Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_0_0_8.nasl - Type : ACT_GATHER_INFO |
2014-01-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0026.nasl - Type : ACT_GATHER_INFO |
2014-01-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0027.nasl - Type : ACT_GATHER_INFO |
2014-01-16 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0026.nasl - Type : ACT_GATHER_INFO |
2014-01-16 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0027.nasl - Type : ACT_GATHER_INFO |
2014-01-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0030.nasl - Type : ACT_GATHER_INFO |
2014-01-16 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140115_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-01-16 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140115_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-01-15 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_jan_2014.nasl - Type : ACT_GATHER_INFO |
2014-01-15 | Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_jan_2014_unix.nasl - Type : ACT_GATHER_INFO |
2014-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0026.nasl - Type : ACT_GATHER_INFO |
2014-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0027.nasl - Type : ACT_GATHER_INFO |
2014-01-08 | Name : The remote server is affected by multiple vulnerabilities. File : domino_9_0_1.nasl - Type : ACT_GATHER_INFO |
2014-01-08 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_domino_9_0_1.nasl - Type : ACT_GATHER_INFO |
2013-12-18 | Name : The remote database server is affected by multiple vulnerabilities. File : db2_97fp9.nasl - Type : ACT_GATHER_INFO |
2013-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-03.nasl - Type : ACT_GATHER_INFO |
2013-12-03 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-131129.nasl - Type : ACT_GATHER_INFO |
2013-11-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2033-1.nasl - Type : ACT_GATHER_INFO |
2013-11-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-131119.nasl - Type : ACT_GATHER_INFO |
2013-11-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-267.nasl - Type : ACT_GATHER_INFO |
2013-11-19 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-131114.nasl - Type : ACT_GATHER_INFO |
2013-11-14 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-235.nasl - Type : ACT_GATHER_INFO |
2013-11-14 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-246.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-openjdk-131104.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_0_build_1311177_remote.nasl - Type : ACT_GATHER_INFO |
2013-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1507.nasl - Type : ACT_GATHER_INFO |
2013-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1508.nasl - Type : ACT_GATHER_INFO |
2013-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1509.nasl - Type : ACT_GATHER_INFO |
2013-11-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1505.nasl - Type : ACT_GATHER_INFO |
2013-11-06 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1505.nasl - Type : ACT_GATHER_INFO |
2013-11-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1505.nasl - Type : ACT_GATHER_INFO |
2013-11-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131105_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-11-04 | Name : The remote server is affected by multiple vulnerabilities. File : domino_8_5_3fp5.nasl - Type : ACT_GATHER_INFO |
2013-11-04 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_domino_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO |
2013-11-04 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_notes_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2013-0012.nasl - Type : ACT_GATHER_INFO |
2013-10-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1451.nasl - Type : ACT_GATHER_INFO |
2013-10-24 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131022_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-10-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1447.nasl - Type : ACT_GATHER_INFO |
2013-10-23 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1451.nasl - Type : ACT_GATHER_INFO |
2013-10-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1451.nasl - Type : ACT_GATHER_INFO |
2013-10-22 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1447.nasl - Type : ACT_GATHER_INFO |
2013-10-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1447.nasl - Type : ACT_GATHER_INFO |
2013-10-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131021_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-10-18 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201310-10.nasl - Type : ACT_GATHER_INFO |
2013-10-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1440.nasl - Type : ACT_GATHER_INFO |
2013-10-17 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_oct_2013.nasl - Type : ACT_GATHER_INFO |
2013-10-17 | Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_oct_2013_unix.nasl - Type : ACT_GATHER_INFO |
2013-10-16 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update17.nasl - Type : ACT_GATHER_INFO |
2013-10-16 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-005.nasl - Type : ACT_GATHER_INFO |
2013-10-16 | Name : The remote database server is affected by multiple vulnerabilities. File : oracle_rdbms_cpu_oct_2013.nasl - Type : ACT_GATHER_INFO |
2013-09-20 | Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_6_1_0_47.nasl - Type : ACT_GATHER_INFO |
2013-09-19 | Name : The remote device is missing a vendor-supplied security patch. File : junos_pulse_jsa10591.nasl - Type : ACT_GATHER_INFO |
2013-09-13 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_8_5.nasl - Type : ACT_GATHER_INFO |
2013-09-13 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2013-004.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-119.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-136.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-137.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-43.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-88.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-151.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-156.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-162.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-163.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-167.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-168.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-171.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-183.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-185.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-204.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-207.nasl - Type : ACT_GATHER_INFO |
2013-08-23 | Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_0_0_7.nasl - Type : ACT_GATHER_INFO |
2013-08-12 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_jrockit_cpu_jul_2013.nasl - Type : ACT_GATHER_INFO |
2013-08-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-13479.nasl - Type : ACT_GATHER_INFO |
2013-08-02 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2013-0009.nasl - Type : ACT_GATHER_INFO |
2013-07-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2727.nasl - Type : ACT_GATHER_INFO |
2013-07-28 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-13523.nasl - Type : ACT_GATHER_INFO |
2013-07-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-130723.nasl - Type : ACT_GATHER_INFO |
2013-07-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-130723.nasl - Type : ACT_GATHER_INFO |
2013-07-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-130723.nasl - Type : ACT_GATHER_INFO |
2013-07-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-openjdk-130719.nasl - Type : ACT_GATHER_INFO |
2013-07-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130718.nasl - Type : ACT_GATHER_INFO |
2013-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1908-1.nasl - Type : ACT_GATHER_INFO |
2013-07-23 | Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_5_5.nasl - Type : ACT_GATHER_INFO |
2013-07-19 | Name : The remote application server is potentially affected by multiple vulnerabili... File : websphere_7_0_0_29.nasl - Type : ACT_GATHER_INFO |
2013-07-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1081.nasl - Type : ACT_GATHER_INFO |
2013-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1907-1.nasl - Type : ACT_GATHER_INFO |
2013-07-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1907-2.nasl - Type : ACT_GATHER_INFO |
2013-07-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2722.nasl - Type : ACT_GATHER_INFO |
2013-07-16 | Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10575.nasl - Type : ACT_GATHER_INFO |
2013-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1059.nasl - Type : ACT_GATHER_INFO |
2013-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1060.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0135.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0322.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0729.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0730.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1009.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1221.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1222.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1223.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1384.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1385.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1386.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0165.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0245.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0246.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0247.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0273.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0274.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0275.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0587.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0602.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0603.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0604.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0605.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0751.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0752.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0770.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0957.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0958.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1014.nasl - Type : ACT_GATHER_INFO |
2013-07-10 | Name : The remote host has a library installed that is affected by an information di... File : ibm_gskit_swg21638270.nasl - Type : ACT_GATHER_INFO |
2013-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1014.nasl - Type : ACT_GATHER_INFO |
2013-07-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1014.nasl - Type : ACT_GATHER_INFO |
2013-07-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130703_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-06-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-183.nasl - Type : ACT_GATHER_INFO |
2013-06-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-0833.nasl - Type : ACT_GATHER_INFO |
2013-06-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0957.nasl - Type : ACT_GATHER_INFO |
2013-06-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0958.nasl - Type : ACT_GATHER_INFO |
2013-06-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0963.nasl - Type : ACT_GATHER_INFO |
2013-06-21 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130620_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-06-21 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130620_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-06-20 | Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_jun_2013_unix.nasl - Type : ACT_GATHER_INFO |
2013-06-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0957.nasl - Type : ACT_GATHER_INFO |
2013-06-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0958.nasl - Type : ACT_GATHER_INFO |
2013-06-19 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update16.nasl - Type : ACT_GATHER_INFO |
2013-06-19 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-004.nasl - Type : ACT_GATHER_INFO |
2013-06-19 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_jun_2013.nasl - Type : ACT_GATHER_INFO |
2013-06-17 | Name : The remote host has an update manager installed that is affected by multiple ... File : vmware_vcenter_update_mgr_vmsa-2012-0013.nasl - Type : ACT_GATHER_INFO |
2013-06-11 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-130529.nasl - Type : ACT_GATHER_INFO |
2013-06-11 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-130529.nasl - Type : ACT_GATHER_INFO |
2013-06-06 | Name : The remote web server contains an application that is affected by multiple vu... File : splunk_503.nasl - Type : ACT_GATHER_INFO |
2013-06-05 | Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2012-0013.nasl - Type : ACT_GATHER_INFO |
2013-05-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-130517.nasl - Type : ACT_GATHER_INFO |
2013-05-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0855.nasl - Type : ACT_GATHER_INFO |
2013-05-22 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130512.nasl - Type : ACT_GATHER_INFO |
2013-05-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0822.nasl - Type : ACT_GATHER_INFO |
2013-05-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0823.nasl - Type : ACT_GATHER_INFO |
2013-05-10 | Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_0_0_6.nasl - Type : ACT_GATHER_INFO |
2013-05-10 | Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_5_0_2.nasl - Type : ACT_GATHER_INFO |
2013-05-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1819-1.nasl - Type : ACT_GATHER_INFO |
2013-05-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-161.nasl - Type : ACT_GATHER_INFO |
2013-04-30 | Name : The remote host is affected by multiple vulnerabilities. File : ibm_tem_8_2_1372.nasl - Type : ACT_GATHER_INFO |
2013-04-26 | Name : The remote Fedora host is missing a security update. File : fedora_2013-6368.nasl - Type : ACT_GATHER_INFO |
2013-04-26 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130424_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-04-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0770.nasl - Type : ACT_GATHER_INFO |
2013-04-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0770.nasl - Type : ACT_GATHER_INFO |
2013-04-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-130415.nasl - Type : ACT_GATHER_INFO |
2013-04-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-130416.nasl - Type : ACT_GATHER_INFO |
2013-04-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-8543.nasl - Type : ACT_GATHER_INFO |
2013-04-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-8542.nasl - Type : ACT_GATHER_INFO |
2013-04-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_6_0-ibm-8544.nasl - Type : ACT_GATHER_INFO |
2013-04-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1806-1.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Fedora host is missing a security update. File : fedora_2013-5922.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-050.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-052.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-095.nasl - Type : ACT_GATHER_INFO |
2013-04-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0751.nasl - Type : ACT_GATHER_INFO |
2013-04-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0757.nasl - Type : ACT_GATHER_INFO |
2013-04-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0758.nasl - Type : ACT_GATHER_INFO |
2013-04-19 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-130415.nasl - Type : ACT_GATHER_INFO |
2013-04-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0752.nasl - Type : ACT_GATHER_INFO |
2013-04-18 | Name : The remote Fedora host is missing a security update. File : fedora_2013-5958.nasl - Type : ACT_GATHER_INFO |
2013-04-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0751.nasl - Type : ACT_GATHER_INFO |
2013-04-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0752.nasl - Type : ACT_GATHER_INFO |
2013-04-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130417_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-04-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130417_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-04-17 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update15.nasl - Type : ACT_GATHER_INFO |
2013-04-17 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-003.nasl - Type : ACT_GATHER_INFO |
2013-04-17 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_apr_2013.nasl - Type : ACT_GATHER_INFO |
2013-04-17 | Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_apr_2013_unix.nasl - Type : ACT_GATHER_INFO |
2013-04-08 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_69bfc8529bd011e2a7be8c705af55518.nasl - Type : ACT_GATHER_INFO |
2013-04-03 | Name : The remote Fedora host is missing a security update. File : fedora_2013-4403.nasl - Type : ACT_GATHER_INFO |
2013-03-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libopenssl-devel-130325.nasl - Type : ACT_GATHER_INFO |
2013-03-28 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_openssl-8517.nasl - Type : ACT_GATHER_INFO |
2013-03-26 | Name : The remote Windows host contains a program that is affected by multiple vulne... File : stunnel_4_55.nasl - Type : ACT_GATHER_INFO |
2013-03-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1732-3.nasl - Type : ACT_GATHER_INFO |
2013-03-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-130312.nasl - Type : ACT_GATHER_INFO |
2013-03-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-8483.nasl - Type : ACT_GATHER_INFO |
2013-03-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_6_0-ibm-8495.nasl - Type : ACT_GATHER_INFO |
2013-03-14 | Name : The remote Fedora host is missing a security update. File : fedora_2013-3468.nasl - Type : ACT_GATHER_INFO |
2013-03-14 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-130306.nasl - Type : ACT_GATHER_INFO |
2013-03-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-8481.nasl - Type : ACT_GATHER_INFO |
2013-03-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130307.nasl - Type : ACT_GATHER_INFO |
2013-03-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-130306.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0624.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0625.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0626.nasl - Type : ACT_GATHER_INFO |
2013-03-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0602.nasl - Type : ACT_GATHER_INFO |
2013-03-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0605.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0603.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Fedora host is missing a security update. File : fedora_2013-2793.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130306_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1755-2.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0587.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0604.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Fedora host is missing a security update. File : fedora_2013-3467.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0600.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0601.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0602.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0603.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0604.nasl - Type : ACT_GATHER_INFO |
2013-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0605.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java5_update41.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java5_update41_unix.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java6_update43.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java6_update43_unix.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java7_update17.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote host contains a runtime environment that can allow code execution. File : oracle_java7_update17_unix.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1755-1.nasl - Type : ACT_GATHER_INFO |
2013-03-05 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update14.nasl - Type : ACT_GATHER_INFO |
2013-03-05 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-002.nasl - Type : ACT_GATHER_INFO |
2013-03-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0587.nasl - Type : ACT_GATHER_INFO |
2013-03-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130304_openssl_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-03-04 | Name : The remote Fedora host is missing a security update. File : fedora_2013-2834.nasl - Type : ACT_GATHER_INFO |
2013-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1732-2.nasl - Type : ACT_GATHER_INFO |
2013-02-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0274.nasl - Type : ACT_GATHER_INFO |
2013-02-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-014.nasl - Type : ACT_GATHER_INFO |
2013-02-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130221.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote host contains a runtime environment that contains methods that can... File : oracle_java6_update35_unix.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote host contains a programming platform that is potentially affected ... File : oracle_java7_update11_unix.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java7_update6_unix.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_feb_2012_unix.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_feb_2013_1_unix.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_feb_2013_unix.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_jun_2012_unix.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_oct_2012_unix.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1732-1.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1735-1.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0273.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0275.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_feb_2013_1.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0273.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0274.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0275.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0531.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0532.nasl - Type : ACT_GATHER_INFO |
2013-02-20 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update13.nasl - Type : ACT_GATHER_INFO |
2013-02-20 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-001.nasl - Type : ACT_GATHER_INFO |
2013-02-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1724-1.nasl - Type : ACT_GATHER_INFO |
2013-02-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2621.nasl - Type : ACT_GATHER_INFO |
2013-02-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2622.nasl - Type : ACT_GATHER_INFO |
2013-02-13 | Name : The remote service may be affected by an information disclosure vulnerability. File : openssl_1_0_1e.nasl - Type : ACT_GATHER_INFO |
2013-02-13 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130205_jdk_1_6_0_on_SL_5_0.nasl - Type : ACT_GATHER_INFO |
2013-02-11 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2013-040-01.nasl - Type : ACT_GATHER_INFO |
2013-02-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0245.nasl - Type : ACT_GATHER_INFO |
2013-02-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0247.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0246.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0245.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0246.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0247.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130208_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130208_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-02-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130208_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-02-09 | Name : The remote host may be affected by multiple vulnerabilities. File : openssl_0_9_8y.nasl - Type : ACT_GATHER_INFO |
2013-02-09 | Name : The remote host may be affected by multiple vulnerabilities. File : openssl_1_0_0k.nasl - Type : ACT_GATHER_INFO |
2013-02-09 | Name : The remote host may be affected by multiple vulnerabilities. File : openssl_1_0_1d.nasl - Type : ACT_GATHER_INFO |
2013-02-07 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_00b0d8cd709711e298d9003067c2616f.nasl - Type : ACT_GATHER_INFO |
2013-02-05 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update12.nasl - Type : ACT_GATHER_INFO |
2013-02-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0236.nasl - Type : ACT_GATHER_INFO |
2013-02-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0237.nasl - Type : ACT_GATHER_INFO |
2013-02-04 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_feb_2013.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-120529.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-120907.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-121113.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-120427.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-120907.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-121126.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-120615.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-120905.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-121023.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-120919.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-121113.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0702.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1243.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1485.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0165.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote Fedora host is missing a security update. File : fedora_2013-0853.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote Fedora host is missing a security update. File : fedora_2013-0868.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote Fedora host is missing a security update. File : fedora_2013-0888.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d5e0317e5e4511e2a113c48508086173.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0165.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130116_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-01-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1693-1.nasl - Type : ACT_GATHER_INFO |
2013-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0156.nasl - Type : ACT_GATHER_INFO |
2013-01-14 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java7_update11.nasl - Type : ACT_GATHER_INFO |
2012-11-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_6_0-ibm-8383.nasl - Type : ACT_GATHER_INFO |
2012-11-19 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-8366.nasl - Type : ACT_GATHER_INFO |
2012-11-19 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-8362.nasl - Type : ACT_GATHER_INFO |
2012-11-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1465.nasl - Type : ACT_GATHER_INFO |
2012-11-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1466.nasl - Type : ACT_GATHER_INFO |
2012-11-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1467.nasl - Type : ACT_GATHER_INFO |
2012-11-02 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-169.nasl - Type : ACT_GATHER_INFO |
2012-10-31 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121018_java_1_6_0_sun_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1619-1.nasl - Type : ACT_GATHER_INFO |
2012-10-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121017_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-10-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1385.nasl - Type : ACT_GATHER_INFO |
2012-10-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1391.nasl - Type : ACT_GATHER_INFO |
2012-10-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1392.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1384.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1386.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1384.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1385.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1386.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121017_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121017_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-10-17 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update11.nasl - Type : ACT_GATHER_INFO |
2012-10-17 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2012-006.nasl - Type : ACT_GATHER_INFO |
2012-10-17 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_oct_2012.nasl - Type : ACT_GATHER_INFO |
2012-10-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-150.nasl - Type : ACT_GATHER_INFO |
2012-09-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1289.nasl - Type : ACT_GATHER_INFO |
2012-09-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13100.nasl - Type : ACT_GATHER_INFO |
2012-09-13 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120904_java_1_6_0_sun_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-09-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1245.nasl - Type : ACT_GATHER_INFO |
2012-09-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1238.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1223.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote host has a version of Java that contains methods that can aid in f... File : macosx_java_10_6_update10.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote host has a version of Java that contains methods that can aid in f... File : macosx_java_2012-005.nasl - Type : ACT_GATHER_INFO |
2012-09-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120903_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-09-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120903_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-09-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120903_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-09-04 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1221.nasl - Type : ACT_GATHER_INFO |
2012-09-04 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1222.nasl - Type : ACT_GATHER_INFO |
2012-09-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13131.nasl - Type : ACT_GATHER_INFO |
2012-09-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13138.nasl - Type : ACT_GATHER_INFO |
2012-09-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1221.nasl - Type : ACT_GATHER_INFO |
2012-09-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1222.nasl - Type : ACT_GATHER_INFO |
2012-09-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1223.nasl - Type : ACT_GATHER_INFO |
2012-09-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1225.nasl - Type : ACT_GATHER_INFO |
2012-09-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1553-1.nasl - Type : ACT_GATHER_INFO |
2012-08-31 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_16846d1ef1de11e18bd80022156e8794.nasl - Type : ACT_GATHER_INFO |
2012-08-31 | Name : The remote host contains a runtime environment that contains methods that can... File : oracle_java6_update35.nasl - Type : ACT_GATHER_INFO |
2012-08-30 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1505-2.nasl - Type : ACT_GATHER_INFO |
2012-08-27 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java7_update6.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120214_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120216_java_1_6_0_sun_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120221_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120613_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120613_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120613_java_1_6_0_sun_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-07-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1505-1.nasl - Type : ACT_GATHER_INFO |
2012-07-11 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1009.nasl - Type : ACT_GATHER_INFO |
2012-07-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2507.nasl - Type : ACT_GATHER_INFO |
2012-06-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1009.nasl - Type : ACT_GATHER_INFO |
2012-06-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1019.nasl - Type : ACT_GATHER_INFO |
2012-06-19 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-095.nasl - Type : ACT_GATHER_INFO |
2012-06-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-9541.nasl - Type : ACT_GATHER_INFO |
2012-06-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-9545.nasl - Type : ACT_GATHER_INFO |
2012-06-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-9590.nasl - Type : ACT_GATHER_INFO |
2012-06-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-9593.nasl - Type : ACT_GATHER_INFO |
2012-06-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0729.nasl - Type : ACT_GATHER_INFO |
2012-06-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0730.nasl - Type : ACT_GATHER_INFO |
2012-06-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0729.nasl - Type : ACT_GATHER_INFO |
2012-06-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0730.nasl - Type : ACT_GATHER_INFO |
2012-06-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0734.nasl - Type : ACT_GATHER_INFO |
2012-06-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-8151.nasl - Type : ACT_GATHER_INFO |
2012-06-13 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update9.nasl - Type : ACT_GATHER_INFO |
2012-06-13 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_7_2012-004.nasl - Type : ACT_GATHER_INFO |
2012-06-13 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_jun_2012.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0514.nasl - Type : ACT_GATHER_INFO |
2012-04-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0508.nasl - Type : ACT_GATHER_INFO |
2012-04-05 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update7.nasl - Type : ACT_GATHER_INFO |
2012-04-05 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_7_2012-001.nasl - Type : ACT_GATHER_INFO |
2012-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1373-2.nasl - Type : ACT_GATHER_INFO |
2012-02-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2420.nasl - Type : ACT_GATHER_INFO |
2012-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2012-2595.nasl - Type : ACT_GATHER_INFO |
2012-02-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-120220.nasl - Type : ACT_GATHER_INFO |
2012-02-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1373-1.nasl - Type : ACT_GATHER_INFO |
2012-02-22 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1721.nasl - Type : ACT_GATHER_INFO |
2012-02-22 | Name : The remote web server is affected by a denial of service vulnerability. File : glassfish_cve-2011-5035.nasl - Type : ACT_GATHER_INFO |
2012-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0322.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1711.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-021.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0139.nasl - Type : ACT_GATHER_INFO |
2012-02-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0135.nasl - Type : ACT_GATHER_INFO |
2012-02-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1690.nasl - Type : ACT_GATHER_INFO |
2012-02-15 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_feb_2012.nasl - Type : ACT_GATHER_INFO |
2012-02-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0135.nasl - Type : ACT_GATHER_INFO |
2009-01-19 | Name : The remote host is missing Sun Security Patch number 128640-30 File : solaris10_128640.nasl - Type : ACT_GATHER_INFO |
2009-01-19 | Name : The remote host is missing Sun Security Patch number 128641-30 File : solaris10_x86_128641.nasl - Type : ACT_GATHER_INFO |
2009-01-19 | Name : The remote host is missing Sun Security Patch number 128640-30 File : solaris9_128640.nasl - Type : ACT_GATHER_INFO |
2009-01-19 | Name : The remote host is missing Sun Security Patch number 128641-30 File : solaris9_x86_128641.nasl - Type : ACT_GATHER_INFO |
2007-10-18 | Name : The remote host is missing Sun Security Patch number 124672-20 File : solaris8_124672.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote host is missing Sun Security Patch number 124672-20 File : solaris10_124672.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote host is missing Sun Security Patch number 124673-20 File : solaris10_x86_124673.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote host is missing Sun Security Patch number 124672-20 File : solaris9_124672.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote host is missing Sun Security Patch number 124673-20 File : solaris9_x86_124673.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:38:06 |
|
2014-01-27 05:18:19 |
|