Executive Summary

Informations
Name MDVSA-2013:010 First vendor Publication 2013-02-11
Vendor Mandriva Last vendor Modification 2013-02-11
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple security issues were identified and fixed in OpenJDK (icedtea6):

* S6563318, CVE-2013-0424: RMI data sanitization * S6664509, CVE-2013-0425: Add logging context * S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time * S6776941: CVE-2013-0427: Improve thread pool shutdown * S7141694, CVE-2013-0429: Improving CORBA internals * S7173145: Improve in-memory representation of splashscreens * S7186945: Unpack200 improvement * S7186946: Refine unpacker resource usage * S7186948: Improve Swing data validation * S7186952, CVE-2013-0432: Improve clipboard access * S7186954: Improve connection performance * S7186957: Improve Pack200 data validation * S7192392, CVE-2013-0443: Better validation of client keys * S7192393, CVE-2013-0440: Better Checking of order of TLS Messages * S7192977, CVE-2013-0442: Issue in toolkit thread * S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies * S7200491: Tighten up JTable layout code * S7200500: Launcher better input validation * S7201064: Better dialogue checking * S7201066, CVE-2013-0441: Change modifiers on unused fields * S7201068, CVE-2013-0435: Better handling of UI elements * S7201070: Serialization to conform to protocol * S7201071, CVE-2013-0433: InetSocketAddress serialization issue * S8000210: Improve JarFile code quality * S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class * S8000540, CVE-2013-1475: Improve IIOP type reuse management * S8000631, CVE-2013-1476: Restrict access to class constructor * S8001235, CVE-2013-0434: Improve JAXP HTTP handling * S8001242: Improve RMI HTTP conformance * S8001307: Modify ACC_SUPER behavior * S8001972, CVE-2013-1478: Improve image processing * S8002325, CVE-2013-1480: Improve management of images * Backports * S7010849: 5/5 Extraneous javac source/target options when building sa-jdi

The updated packages provides icedtea6-1.11.6 which is not vulnerable to these issues.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2013:010

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15733
 
Oval ID: oval:org.mitre.oval:def:15733
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: 2D) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1478
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15832
 
Oval ID: oval:org.mitre.oval:def:15832
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JSSE) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0443
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15888
 
Oval ID: oval:org.mitre.oval:def:15888
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0426
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16013
 
Oval ID: oval:org.mitre.oval:def:16013
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0427
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16035
 
Oval ID: oval:org.mitre.oval:def:16035
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: AWT) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0442
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16045
 
Oval ID: oval:org.mitre.oval:def:16045
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: AWT) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1480
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16058
 
Oval ID: oval:org.mitre.oval:def:16058
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0425
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16489
 
Oval ID: oval:org.mitre.oval:def:16489
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JAX-WS) 7 through Update 11 and 6 through Update 38, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper restriction of com.sun.xml.internal packages and "Better handling of UI elements."
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper restriction of com.sun.xml.internal packages and "Better handling of UI elements."
Family: windows Class: vulnerability
Reference(s): CVE-2013-0435
Version: 4
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16496
 
Oval ID: oval:org.mitre.oval:def:16496
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0428
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16519
 
Oval ID: oval:org.mitre.oval:def:16519
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: RMI) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to cross-site scripting (XSS) in the sun.rmi.transport.proxy CGIHandler class that does not properly handle error messages in a (1) command or (2) port number.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to cross-site scripting (XSS) in the sun.rmi.transport.proxy CGIHandler class that does not properly handle error messages in a (1) command or (2) port number.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0424
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16528
 
Oval ID: oval:org.mitre.oval:def:16528
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JAXP) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0434
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16537
 
Oval ID: oval:org.mitre.oval:def:16537
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Networking) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0433
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16550
 
Oval ID: oval:org.mitre.oval:def:16550
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JMX) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean class.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean class.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0450
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16558
 
Oval ID: oval:org.mitre.oval:def:16558
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: JSSE) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to CPU consumption in the the SSL/TLS implementation via a large number of ClientHello packets that are not properly handled by (1) ClientHandshaker.java and (2) ServerHandshaker.java.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to CPU consumption in the the SSL/TLS implementation via a large number of ClientHello packets that are not properly handled by (1) ClientHandshaker.java and (2) ServerHandshaker.java.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0440
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16566
 
Oval ID: oval:org.mitre.oval:def:16566
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: CORBA) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-1476 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via certain methods that should not be serialized, aka "missing serialization restriction."
Family: windows Class: vulnerability
Reference(s): CVE-2013-0441
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16567
 
Oval ID: oval:org.mitre.oval:def:16567
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: AWT) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality and integrity via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient clipboard access premission checks."
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient clipboard access premission checks."
Family: windows Class: vulnerability
Reference(s): CVE-2013-0432
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16613
 
Oval ID: oval:org.mitre.oval:def:16613
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: CORBA) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
Family: windows Class: vulnerability
Reference(s): CVE-2013-1475
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16649
 
Oval ID: oval:org.mitre.oval:def:16649
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: CORBA) 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue involves the creation of a single PresentationManager that is shared across multiple thread groups, which allows remote attackers to bypass Java sandbox restrictions.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue involves the creation of a single PresentationManager that is shared across multiple thread groups, which allows remote attackers to bypass Java sandbox restrictions.
Family: windows Class: vulnerability
Reference(s): CVE-2013-0429
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16652
 
Oval ID: oval:org.mitre.oval:def:16652
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: CORBA) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors."
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors."
Family: windows Class: vulnerability
Reference(s): CVE-2013-1476
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18597
 
Oval ID: oval:org.mitre.oval:def:18597
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0442
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18641
 
Oval ID: oval:org.mitre.oval:def:18641
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0427
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18845
 
Oval ID: oval:org.mitre.oval:def:18845
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1480
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19010
 
Oval ID: oval:org.mitre.oval:def:19010
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0443
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19078
 
Oval ID: oval:org.mitre.oval:def:19078
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper restriction of com.sun.xml.internal packages and "Better handling of UI elements."
Family: unix Class: vulnerability
Reference(s): CVE-2013-0435
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19126
 
Oval ID: oval:org.mitre.oval:def:19126
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0442
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19131
 
Oval ID: oval:org.mitre.oval:def:19131
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to cross-site scripting (XSS) in the sun.rmi.transport.proxy CGIHandler class that does not properly handle error messages in a (1) command or (2) port number.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0424
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19181
 
Oval ID: oval:org.mitre.oval:def:19181
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient clipboard access premission checks."
Family: unix Class: vulnerability
Reference(s): CVE-2013-0432
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19229
 
Oval ID: oval:org.mitre.oval:def:19229
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to CPU consumption in the the SSL/TLS implementation via a large number of ClientHello packets that are not properly handled by (1) ClientHandshaker.java and (2) ServerHandshaker.java.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0440
Version: 13
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19238
 
Oval ID: oval:org.mitre.oval:def:19238
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1475
Version: 13
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19245
 
Oval ID: oval:org.mitre.oval:def:19245
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0427
Version: 13
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19261
 
Oval ID: oval:org.mitre.oval:def:19261
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0426
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19266
 
Oval ID: oval:org.mitre.oval:def:19266
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-1476 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via certain methods that should not be serialized, aka "missing serialization restriction."
Family: unix Class: vulnerability
Reference(s): CVE-2013-0441
Version: 13
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19272
 
Oval ID: oval:org.mitre.oval:def:19272
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0434
Version: 13
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19285
 
Oval ID: oval:org.mitre.oval:def:19285
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to CPU consumption in the the SSL/TLS implementation via a large number of ClientHello packets that are not properly handled by (1) ClientHandshaker.java and (2) ServerHandshaker.java.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0440
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19286
 
Oval ID: oval:org.mitre.oval:def:19286
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean class.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0450
Version: 13
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19289
 
Oval ID: oval:org.mitre.oval:def:19289
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-1476 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via certain methods that should not be serialized, aka "missing serialization restriction."
Family: unix Class: vulnerability
Reference(s): CVE-2013-0441
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19300
 
Oval ID: oval:org.mitre.oval:def:19300
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue involves the creation of a single PresentationManager that is shared across multiple thread groups, which allows remote attackers to bypass Java sandbox restrictions.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0429
Version: 13
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19325
 
Oval ID: oval:org.mitre.oval:def:19325
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1475
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19342
 
Oval ID: oval:org.mitre.oval:def:19342
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue involves the creation of a single PresentationManager that is shared across multiple thread groups, which allows remote attackers to bypass Java sandbox restrictions.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0429
Version: 13
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19351
 
Oval ID: oval:org.mitre.oval:def:19351
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1480
Version: 13
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19363
 
Oval ID: oval:org.mitre.oval:def:19363
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean class.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0450
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19382
 
Oval ID: oval:org.mitre.oval:def:19382
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0443
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19397
 
Oval ID: oval:org.mitre.oval:def:19397
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to CPU consumption in the the SSL/TLS implementation via a large number of ClientHello packets that are not properly handled by (1) ClientHandshaker.java and (2) ServerHandshaker.java.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0440
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19405
 
Oval ID: oval:org.mitre.oval:def:19405
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0433
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19423
 
Oval ID: oval:org.mitre.oval:def:19423
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to cross-site scripting (XSS) in the sun.rmi.transport.proxy CGIHandler class that does not properly handle error messages in a (1) command or (2) port number.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0424
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19426
 
Oval ID: oval:org.mitre.oval:def:19426
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient clipboard access premission checks."
Family: unix Class: vulnerability
Reference(s): CVE-2013-0432
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19429
 
Oval ID: oval:org.mitre.oval:def:19429
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1478
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19430
 
Oval ID: oval:org.mitre.oval:def:19430
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0434
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19434
 
Oval ID: oval:org.mitre.oval:def:19434
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0442
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19437
 
Oval ID: oval:org.mitre.oval:def:19437
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0443
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19454
 
Oval ID: oval:org.mitre.oval:def:19454
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1478
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19457
 
Oval ID: oval:org.mitre.oval:def:19457
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue involves the creation of a single PresentationManager that is shared across multiple thread groups, which allows remote attackers to bypass Java sandbox restrictions.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0429
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19459
 
Oval ID: oval:org.mitre.oval:def:19459
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0433
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19466
 
Oval ID: oval:org.mitre.oval:def:19466
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors."
Family: unix Class: vulnerability
Reference(s): CVE-2013-1476
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19468
 
Oval ID: oval:org.mitre.oval:def:19468
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0433
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19471
 
Oval ID: oval:org.mitre.oval:def:19471
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0426
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19474
 
Oval ID: oval:org.mitre.oval:def:19474
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0428
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19475
 
Oval ID: oval:org.mitre.oval:def:19475
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors."
Family: unix Class: vulnerability
Reference(s): CVE-2013-1476
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19480
 
Oval ID: oval:org.mitre.oval:def:19480
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0428
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19483
 
Oval ID: oval:org.mitre.oval:def:19483
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0425
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19484
 
Oval ID: oval:org.mitre.oval:def:19484
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0426
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19488
 
Oval ID: oval:org.mitre.oval:def:19488
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to interrupt certain threads that should not be interrupted.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0427
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19489
 
Oval ID: oval:org.mitre.oval:def:19489
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient clipboard access premission checks."
Family: unix Class: vulnerability
Reference(s): CVE-2013-0432
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19491
 
Oval ID: oval:org.mitre.oval:def:19491
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0428
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19502
 
Oval ID: oval:org.mitre.oval:def:19502
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0425
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19503
 
Oval ID: oval:org.mitre.oval:def:19503
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0425
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19504
 
Oval ID: oval:org.mitre.oval:def:19504
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1480
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19505
 
Oval ID: oval:org.mitre.oval:def:19505
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0434
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19507
 
Oval ID: oval:org.mitre.oval:def:19507
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors."
Family: unix Class: vulnerability
Reference(s): CVE-2013-1476
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19509
 
Oval ID: oval:org.mitre.oval:def:19509
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-1476 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via certain methods that should not be serialized, aka "missing serialization restriction."
Family: unix Class: vulnerability
Reference(s): CVE-2013-0441
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19520
 
Oval ID: oval:org.mitre.oval:def:19520
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper restriction of com.sun.xml.internal packages and "Better handling of UI elements."
Family: unix Class: vulnerability
Reference(s): CVE-2013-0435
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19522
 
Oval ID: oval:org.mitre.oval:def:19522
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to RMI. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to cross-site scripting (XSS) in the sun.rmi.transport.proxy CGIHandler class that does not properly handle error messages in a (1) command or (2) port number.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0424
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19529
 
Oval ID: oval:org.mitre.oval:def:19529
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1478
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19572
 
Oval ID: oval:org.mitre.oval:def:19572
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean class.
Family: unix Class: vulnerability
Reference(s): CVE-2013-0450
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19593
 
Oval ID: oval:org.mitre.oval:def:19593
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
Family: unix Class: vulnerability
Reference(s): CVE-2013-1475
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20157
 
Oval ID: oval:org.mitre.oval:def:20157
Title: RHSA-2013:0246: java-1.6.0-openjdk security update (Important)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Family: unix Class: patch
Reference(s): RHSA-2013:0246-00
CESA-2013:0246
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0445
CVE-2013-0450
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
Version: 283
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): java-1.6.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20835
 
Oval ID: oval:org.mitre.oval:def:20835
Title: RHSA-2013:0245: java-1.6.0-openjdk security update (Critical)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Family: unix Class: patch
Reference(s): RHSA-2013:0245-02
CESA-2013:0245
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0445
CVE-2013-0450
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
Version: 283
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): java-1.6.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20981
 
Oval ID: oval:org.mitre.oval:def:20981
Title: RHSA-2013:0247: java-1.7.0-openjdk security update (Important)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Family: unix Class: patch
Reference(s): RHSA-2013:0247-01
CESA-2013:0247
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0431
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0444
CVE-2013-0445
CVE-2013-0450
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
Version: 311
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): java-1.7.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21002
 
Oval ID: oval:org.mitre.oval:def:21002
Title: RHSA-2012:1467: java-1.7.0-ibm security update (Critical)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
Family: unix Class: patch
Reference(s): RHSA-2012:1467-01
CVE-2011-3544
CVE-2012-1531
CVE-2012-1532
CVE-2012-1533
CVE-2012-1718
CVE-2012-3143
CVE-2012-3159
CVE-2012-3216
CVE-2012-4820
CVE-2012-4821
CVE-2012-4822
CVE-2012-4823
CVE-2012-5067
CVE-2012-5069
CVE-2012-5070
CVE-2012-5071
CVE-2012-5072
CVE-2012-5073
CVE-2012-5074
CVE-2012-5075
CVE-2012-5076
CVE-2012-5077
CVE-2012-5079
CVE-2012-5081
CVE-2012-5083
CVE-2012-5084
CVE-2012-5086
CVE-2012-5087
CVE-2012-5088
CVE-2012-5089
CVE-2013-1475
Version: 406
Platform(s): Red Hat Enterprise Linux 6
Product(s): java-1.7.0-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21011
 
Oval ID: oval:org.mitre.oval:def:21011
Title: RHSA-2012:1466: java-1.6.0-ibm security update (Critical)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
Family: unix Class: patch
Reference(s): RHSA-2012:1466-01
CVE-2012-0547
CVE-2012-1531
CVE-2012-1532
CVE-2012-1533
CVE-2012-1682
CVE-2012-3143
CVE-2012-3159
CVE-2012-3216
CVE-2012-4820
CVE-2012-4822
CVE-2012-4823
CVE-2012-5068
CVE-2012-5069
CVE-2012-5071
CVE-2012-5072
CVE-2012-5073
CVE-2012-5075
CVE-2012-5079
CVE-2012-5081
CVE-2012-5083
CVE-2012-5084
CVE-2012-5089
CVE-2013-1475
Version: 304
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
Product(s): java-1.6.0-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21614
 
Oval ID: oval:org.mitre.oval:def:21614
Title: RHSA-2012:1465: java-1.5.0-ibm security update (Critical)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
Family: unix Class: patch
Reference(s): RHSA-2012:1465-01
CVE-2012-1531
CVE-2012-3143
CVE-2012-3216
CVE-2012-4820
CVE-2012-4822
CVE-2012-5069
CVE-2012-5071
CVE-2012-5073
CVE-2012-5075
CVE-2012-5079
CVE-2012-5081
CVE-2012-5083
CVE-2012-5084
CVE-2012-5089
CVE-2013-1475
Version: 200
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
Product(s): java-1.5.0-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22881
 
Oval ID: oval:org.mitre.oval:def:22881
Title: ELSA-2013:0246: java-1.6.0-openjdk security update (Important)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Family: unix Class: patch
Reference(s): ELSA-2013:0246-00
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0445
CVE-2013-0450
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
Version: 85
Platform(s): Oracle Linux 5
Product(s): java-1.6.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23243
 
Oval ID: oval:org.mitre.oval:def:23243
Title: DEPRECATED: ELSA-2013:0247: java-1.7.0-openjdk security update (Important)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Family: unix Class: patch
Reference(s): ELSA-2013:0247-01
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0431
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0444
CVE-2013-0445
CVE-2013-0450
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
Version: 94
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): java-1.7.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23342
 
Oval ID: oval:org.mitre.oval:def:23342
Title: ELSA-2012:1466: java-1.6.0-ibm security update (Critical)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
Family: unix Class: patch
Reference(s): ELSA-2012:1466-01
CVE-2012-0547
CVE-2012-1531
CVE-2012-1532
CVE-2012-1533
CVE-2012-1682
CVE-2012-3143
CVE-2012-3159
CVE-2012-3216
CVE-2012-4820
CVE-2012-4822
CVE-2012-4823
CVE-2012-5068
CVE-2012-5069
CVE-2012-5071
CVE-2012-5072
CVE-2012-5073
CVE-2012-5075
CVE-2012-5079
CVE-2012-5081
CVE-2012-5083
CVE-2012-5084
CVE-2012-5089
CVE-2013-1475
Version: 97
Platform(s): Oracle Linux 6
Product(s): java-1.6.0-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23437
 
Oval ID: oval:org.mitre.oval:def:23437
Title: ELSA-2012:1465: java-1.5.0-ibm security update (Critical)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
Family: unix Class: patch
Reference(s): ELSA-2012:1465-01
CVE-2012-1531
CVE-2012-3143
CVE-2012-3216
CVE-2012-4820
CVE-2012-4822
CVE-2012-5069
CVE-2012-5071
CVE-2012-5073
CVE-2012-5075
CVE-2012-5079
CVE-2012-5081
CVE-2012-5083
CVE-2012-5084
CVE-2012-5089
CVE-2013-1475
Version: 65
Platform(s): Oracle Linux 6
Product(s): java-1.5.0-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23893
 
Oval ID: oval:org.mitre.oval:def:23893
Title: ELSA-2012:1467: java-1.7.0-ibm security update (Critical)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.
Family: unix Class: patch
Reference(s): ELSA-2012:1467-01
CVE-2011-3544
CVE-2012-1531
CVE-2012-1532
CVE-2012-1533
CVE-2012-1718
CVE-2012-3143
CVE-2012-3159
CVE-2012-3216
CVE-2012-4820
CVE-2012-4821
CVE-2012-4822
CVE-2012-4823
CVE-2012-5067
CVE-2012-5069
CVE-2012-5070
CVE-2012-5071
CVE-2012-5072
CVE-2012-5073
CVE-2012-5074
CVE-2012-5075
CVE-2012-5076
CVE-2012-5077
CVE-2012-5079
CVE-2012-5081
CVE-2012-5083
CVE-2012-5084
CVE-2012-5086
CVE-2012-5087
CVE-2012-5088
CVE-2012-5089
CVE-2013-1475
Version: 129
Platform(s): Oracle Linux 6
Product(s): java-1.7.0-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23933
 
Oval ID: oval:org.mitre.oval:def:23933
Title: ELSA-2013:0245: java-1.6.0-openjdk security update (Critical)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Family: unix Class: patch
Reference(s): ELSA-2013:0245-02
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0445
CVE-2013-0450
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
Version: 85
Platform(s): Oracle Linux 6
Product(s): java-1.6.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24063
 
Oval ID: oval:org.mitre.oval:def:24063
Title: ELSA-2013:0247: java-1.7.0-openjdk security update (Important)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.
Family: unix Class: patch
Reference(s): ELSA-2013:0247-01
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0431
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0444
CVE-2013-0445
CVE-2013-0450
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
Version: 93
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): java-1.7.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25292
 
Oval ID: oval:org.mitre.oval:def:25292
Title: SUSE-SU-2013:0456-4 -- Security update for Java
Description: IBM Java 6 has been updated to SR13 which fixes various critical security issues and bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0456-4
CVE-2013-1487
CVE-2013-1486
CVE-2013-1478
CVE-2013-0445
CVE-2013-1480
CVE-2013-0441
CVE-2013-1476
CVE-2012-1541
CVE-2013-0446
CVE-2012-3342
CVE-2013-0442
CVE-2013-0450
CVE-2013-0425
CVE-2013-0426
CVE-2013-0428
CVE-2012-3213
CVE-2013-1481
CVE-2013-0419
CVE-2013-0423
CVE-2013-0351
CVE-2013-0432
CVE-2013-1473
CVE-2013-0435
CVE-2013-0434
CVE-2013-0409
CVE-2013-0427
CVE-2013-0433
CVE-2013-0424
CVE-2013-0440
CVE-2013-0438
CVE-2013-0443
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Java
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25622
 
Oval ID: oval:org.mitre.oval:def:25622
Title: SUSE-SU-2013:0440-6 -- Security update for Java
Description: IBM Java 5 has been updated to SR16 which fixes various critical security issues and bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0440-6
CVE-2013-1486
CVE-2013-1478
CVE-2013-0445
CVE-2013-1480
CVE-2013-1476
CVE-2013-0442
CVE-2013-0425
CVE-2013-0426
CVE-2013-0428
CVE-2013-1481
CVE-2013-0432
CVE-2013-0434
CVE-2013-0409
CVE-2013-0427
CVE-2013-0433
CVE-2013-0424
CVE-2013-0440
CVE-2013-0443
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Java
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25940
 
Oval ID: oval:org.mitre.oval:def:25940
Title: SUSE-SU-2013:0440-2 -- Security update for Java
Description: IBM Java 1.4.2 has been updated to SR13-FP15 which fixes various critical security issues and bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0440-2
CVE-2013-1478
CVE-2013-1480
CVE-2013-1476
CVE-2013-0442
CVE-2013-0425
CVE-2013-0426
CVE-2013-0428
CVE-2013-1481
CVE-2013-0432
CVE-2013-0434
CVE-2013-0424
CVE-2013-0440
CVE-2013-0443
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
Product(s): Java
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26028
 
Oval ID: oval:org.mitre.oval:def:26028
Title: SUSE-SU-2013:0456-2 -- Security update for Java
Description: IBM Java 6 has been updated to SR13 which fixes various critical security issues and bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0456-2
CVE-2013-1487
CVE-2013-1486
CVE-2013-1478
CVE-2013-0445
CVE-2013-1480
CVE-2013-0441
CVE-2013-1476
CVE-2012-1541
CVE-2013-0446
CVE-2012-3342
CVE-2013-0442
CVE-2013-0450
CVE-2013-0425
CVE-2013-0426
CVE-2013-0428
CVE-2012-3213
CVE-2013-1481
CVE-2013-0419
CVE-2013-0423
CVE-2013-0351
CVE-2013-0432
CVE-2013-1473
CVE-2013-0435
CVE-2013-0434
CVE-2013-0409
CVE-2013-0427
CVE-2013-0433
CVE-2013-0424
CVE-2013-0440
CVE-2013-0438
CVE-2013-0443
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Java
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26075
 
Oval ID: oval:org.mitre.oval:def:26075
Title: SUSE-SU-2013:0440-4 -- Security update for Java
Description: IBM Java 5 has been updated to SR16 which fixes various critical security issues and bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0440-4
CVE-2013-1486
CVE-2013-1478
CVE-2013-0445
CVE-2013-1480
CVE-2013-1476
CVE-2013-0442
CVE-2013-0425
CVE-2013-0426
CVE-2013-0428
CVE-2013-1481
CVE-2013-0432
CVE-2013-0434
CVE-2013-0409
CVE-2013-0427
CVE-2013-0433
CVE-2013-0424
CVE-2013-0440
CVE-2013-0443
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
Product(s): Java
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26128
 
Oval ID: oval:org.mitre.oval:def:26128
Title: SUSE-SU-2013:0315-1 -- Security update for Java 1.6.0
Description: java-1_6_0-openjdk based on Icedtea6-1.12.2 was released, fixing various security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0315-1
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0429
CVE-2013-0432
CVE-2013-0443
CVE-2013-0440
CVE-2013-0442
CVE-2013-0428
CVE-2013-0441
CVE-2013-0435
CVE-2013-0433
CVE-2013-0450
CVE-2013-1475
CVE-2013-1476
CVE-2013-0434
CVE-2013-1478
CVE-2013-1480
Version: 3
Platform(s): SUSE Linux Enterprise Desktop 11
Product(s): Java 1.6.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26262
 
Oval ID: oval:org.mitre.oval:def:26262
Title: SUSE-SU-2013:0440-3 -- Security update for Java
Description: IBM Java 1.4.2 has been updated to SR13-FP15 which fixes various critical security issues and bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0440-3
CVE-2013-1478
CVE-2013-1480
CVE-2013-1476
CVE-2013-0442
CVE-2013-0425
CVE-2013-0426
CVE-2013-0428
CVE-2013-1481
CVE-2013-0432
CVE-2013-0434
CVE-2013-0424
CVE-2013-0440
CVE-2013-0443
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
Product(s): Java
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26279
 
Oval ID: oval:org.mitre.oval:def:26279
Title: SUSE-SU-2013:0456-3 -- Security update for Java
Description: IBM Java 6 has been updated to SR13 which fixes various critical security issues and bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0456-3
CVE-2013-1487
CVE-2013-1486
CVE-2013-1478
CVE-2013-0445
CVE-2013-1480
CVE-2013-0441
CVE-2013-1476
CVE-2012-1541
CVE-2013-0446
CVE-2012-3342
CVE-2013-0442
CVE-2013-0450
CVE-2013-0425
CVE-2013-0426
CVE-2013-0428
CVE-2012-3213
CVE-2013-1481
CVE-2013-0419
CVE-2013-0423
CVE-2013-0351
CVE-2013-0432
CVE-2013-1473
CVE-2013-0435
CVE-2013-0434
CVE-2013-0409
CVE-2013-0427
CVE-2013-0433
CVE-2013-0424
CVE-2013-0440
CVE-2013-0438
CVE-2013-0443
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Java
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26283
 
Oval ID: oval:org.mitre.oval:def:26283
Title: SUSE-SU-2013:0456-1 -- Security update for Java
Description: IBM Java 6 has been updated to SR13 which fixes various critical security issues and bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0456-1
CVE-2013-1487
CVE-2013-1486
CVE-2013-1478
CVE-2013-0445
CVE-2013-1480
CVE-2013-0441
CVE-2013-1476
CVE-2012-1541
CVE-2013-0446
CVE-2012-3342
CVE-2013-0442
CVE-2013-0450
CVE-2013-0425
CVE-2013-0426
CVE-2013-0428
CVE-2012-3213
CVE-2013-1481
CVE-2013-0419
CVE-2013-0423
CVE-2013-0351
CVE-2013-0432
CVE-2013-1473
CVE-2013-0435
CVE-2013-0434
CVE-2013-0409
CVE-2013-0427
CVE-2013-0433
CVE-2013-0424
CVE-2013-0440
CVE-2013-0438
CVE-2013-0443
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Java
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27509
 
Oval ID: oval:org.mitre.oval:def:27509
Title: DEPRECATED: ELSA-2013-0246 -- java-1.6.0-openjdk security update (important)
Description: [ 1:1.6.0.0-1.33.1.11.6.0.1.el5_9] - Add oracle-enterprise.patch [1:1.6.0.0-1.33.1.11.6] - removed patch9 revertTwoWrongSecurityPatches2013-02-06.patch - added patch9: 7201064.patch to be reverted - added patch10: 8005615.patch to fix the 6664509.patch - Resolves: rhbz#906705 [1:1.6.0.0-1.32.1.11.6] - added patch9 revertTwoWrongSecurityPatches2013-02-06.patch to remove 6664509 and 7201064 from 1.11.6 tarball - Resolves: rhbz#906705 [1:1.6.0.0-1.31.1.11.6] - Updated to icedtea6 1.11.6 - Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#906705
Family: unix Class: patch
Reference(s): ELSA-2013-0246
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0445
CVE-2013-0450
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
Version: 4
Platform(s): Oracle Linux 5
Product(s): java-1.6.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27631
 
Oval ID: oval:org.mitre.oval:def:27631
Title: DEPRECATED: ELSA-2013-0245 -- java-1.6.0-openjdk security update (critical)
Description: [1:1.6.0.0-1.54.1.11.6] - removed patch8 revertTwoWrongSecurityPatches2013-02-06.patch - added patch8: 7201064.patch to be reverted - added patch9: 8005615.patch to fix the 6664509.patch - Resolves: rhbz#906707 [1:1.6.0.0-1.53.1.11.6] - added patch8 revertTwoWrongSecurityPatches2013-02-06.patch to remove 6664509 and 7201064 from 1.11.6 tarball - Resolves: rhbz#906707 [1:1.6.0.0-1.51.1.11.6] - Updated to icedtea6 1.11.6 - Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#906707
Family: unix Class: patch
Reference(s): ELSA-2013-0245
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0445
CVE-2013-0450
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
Version: 4
Platform(s): Oracle Linux 6
Product(s): java-1.6.0-openjdk
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 31
Application 30
Application 90
Application 91

Nessus® Vulnerability Scanner

Date Description
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1456.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO
2014-08-22 Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_jsa10642.nasl - Type : ACT_GATHER_INFO
2014-06-30 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201406-32.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-165.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-131.nasl - Type : ACT_GATHER_INFO
2014-01-08 Name : The remote server is affected by multiple vulnerabilities.
File : domino_9_0_1.nasl - Type : ACT_GATHER_INFO
2014-01-08 Name : The remote host has software installed that is affected by multiple vulnerabi...
File : lotus_domino_9_0_1.nasl - Type : ACT_GATHER_INFO
2013-11-04 Name : The remote server is affected by multiple vulnerabilities.
File : domino_8_5_3fp5.nasl - Type : ACT_GATHER_INFO
2013-11-04 Name : The remote host has software installed that is affected by multiple vulnerabi...
File : lotus_notes_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO
2013-11-04 Name : The remote host has software installed that is affected by multiple vulnerabi...
File : lotus_domino_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-156.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-155.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0245.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0246.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0247.nasl - Type : ACT_GATHER_INFO
2013-05-10 Name : The remote application server may be affected by multiple vulnerabilities.
File : websphere_8_5_0_2.nasl - Type : ACT_GATHER_INFO
2013-05-10 Name : The remote application server may be affected by multiple vulnerabilities.
File : websphere_8_0_0_6.nasl - Type : ACT_GATHER_INFO
2013-04-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-095.nasl - Type : ACT_GATHER_INFO
2013-03-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_5_0-ibm-8483.nasl - Type : ACT_GATHER_INFO
2013-03-17 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-130312.nasl - Type : ACT_GATHER_INFO
2013-03-15 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_6_0-ibm-8495.nasl - Type : ACT_GATHER_INFO
2013-03-14 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_4_2-ibm-8481.nasl - Type : ACT_GATHER_INFO
2013-03-14 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_4_2-ibm-130306.nasl - Type : ACT_GATHER_INFO
2013-03-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_7_0-ibm-130306.nasl - Type : ACT_GATHER_INFO
2013-03-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0624.nasl - Type : ACT_GATHER_INFO
2013-03-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0626.nasl - Type : ACT_GATHER_INFO
2013-03-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0625.nasl - Type : ACT_GATHER_INFO
2013-02-22 Name : The remote Unix host contains a programming platform that is potentially affe...
File : oracle_java_cpu_feb_2013_unix.nasl - Type : ACT_GATHER_INFO
2013-02-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-openjdk-130212.nasl - Type : ACT_GATHER_INFO
2013-02-20 Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_2013-001.nasl - Type : ACT_GATHER_INFO
2013-02-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1724-1.nasl - Type : ACT_GATHER_INFO
2013-02-13 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130205_jdk_1_6_0_on_SL_5_0.nasl - Type : ACT_GATHER_INFO
2013-02-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-010.nasl - Type : ACT_GATHER_INFO
2013-02-11 Name : The remote Fedora host is missing a security update.
File : fedora_2013-2209.nasl - Type : ACT_GATHER_INFO
2013-02-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0245.nasl - Type : ACT_GATHER_INFO
2013-02-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0247.nasl - Type : ACT_GATHER_INFO
2013-02-11 Name : The remote Fedora host is missing a security update.
File : fedora_2013-2188.nasl - Type : ACT_GATHER_INFO
2013-02-11 Name : The remote Fedora host is missing a security update.
File : fedora_2013-2205.nasl - Type : ACT_GATHER_INFO
2013-02-11 Name : The remote Fedora host is missing a security update.
File : fedora_2013-2197.nasl - Type : ACT_GATHER_INFO
2013-02-10 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130208_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-02-10 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130208_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-02-10 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0246.nasl - Type : ACT_GATHER_INFO
2013-02-10 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130208_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-02-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0247.nasl - Type : ACT_GATHER_INFO
2013-02-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0246.nasl - Type : ACT_GATHER_INFO
2013-02-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0245.nasl - Type : ACT_GATHER_INFO
2013-02-06 Name : The remote Fedora host is missing a security update.
File : fedora_2013-1898.nasl - Type : ACT_GATHER_INFO
2013-02-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0236.nasl - Type : ACT_GATHER_INFO
2013-02-05 Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_10_6_update12.nasl - Type : ACT_GATHER_INFO
2013-02-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0237.nasl - Type : ACT_GATHER_INFO
2013-02-04 Name : The remote Windows host contains a programming platform that is potentially a...
File : oracle_java_cpu_feb_2013.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1485.nasl - Type : ACT_GATHER_INFO
2013-01-17 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d5e0317e5e4511e2a113c48508086173.nasl - Type : ACT_GATHER_INFO
2012-11-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1467.nasl - Type : ACT_GATHER_INFO
2012-11-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1466.nasl - Type : ACT_GATHER_INFO
2012-11-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1465.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 11:43:17
  • Multiple Updates
2013-02-11 21:19:32
  • First insertion