Critical: Red Hat Security Advisory: java-1.6.0-ibm security update

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

JDK: unspecified partial Java sandbox bypass fixed in Feb 2015 update

Unspecified vulnerability in the Java Virtual Machine JVM in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to bypass intended access permissions and obtain sensitive information via...

JDK: unspecified partial Java sandbox bypass fixed in Feb 2015 update

Unspecified vulnerability in the Java Virtual Machine JVM in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to bypass intended access permissions and obtain sensitive information via...

JDK: unspecified full Java sandbox bypass fixed in Feb 2015 update

Unspecified vulnerability in the Java Virtual Machine JVM in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to escape the Java sandbox and execute arbitrary code via unspecified vector...

CVE-2014-3065

Unspecified vulnerability in IBM Java Runtime Environment JRE 7 R1 before SR2 7.1.2.0, 7 before SR8 7.0.8.0, 6 R1 before SR8 FP2 6.1.8.2, 6 before SR16 FP2 6.0.16.2, and before SR16 FP8 5.0.16.8 allows local users to execute arbitrary code via vectors related to the shared classes cache...

Design/Logic Flaw

Unspecified vulnerability in IBM Java Runtime Environment JRE 7 R1 before SR2 7.1.2.0, 7 before SR8 7.0.8.0, 6 R1 before SR8 FP2 6.1.8.2, 6 before SR16 FP2 6.0.16.2, and before SR16 FP8 5.0.16.8 allows local users to execute arbitrary code via vectors related to the shared classes cache...

CVE-2014-3068

IBM Java Runtime Environment JRE 7 R1 before SR1 FP1 7.1.1.1, 7 before SR7 FP1 7.0.7.1, 6 R1 before SR8 FP1 6.1.8.1, 6 before SR16 FP1 6.0.16.1, and before 5.0 SR16 FP7 5.0.16.7 allows attackers to obtain the private key from a Certificate Management System CMS keystore via a brute force attack...

CVE-2014-3065

Unspecified vulnerability in IBM Java Runtime Environment JRE 7 R1 before SR2 7.1.2.0, 7 before SR8 7.0.8.0, 6 R1 before SR8 FP2 6.1.8.2, 6 before SR16 FP2 6.0.16.2, and before SR16 FP8 5.0.16.8 allows local users to execute arbitrary code via vectors related to the shared classes cache...

CVE-2014-3065

CVE-2014-3065: IBM Java SDK/JRE contains a vulnerability where the default configuration for the shared classes feature potentially allows arbitrary code execution via the shared classes cache by other local users. Affected IBM Java versions include IBM SDK/JAVA 2 Technology Edition (v5.0 SR16 FP...

SuSE 11.3 Security Update : IBM Java (SAT Patch Number 9999)

java-170-ibm has been updated to version 1.7.0sr7.2 to fix 21 security issues. These security issues have been fixed : - Unspecified vulnerability. CVE-2014-3065 - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier...

SuSE 11.3 Security Update : IBM Java (SAT Patch Number 9992)

java-160-ibm has been updated to version 1.6.0sr16.2 to fix 18 security issues. These security issues has been fixed : - Unspecified vulnerability in Oracle Java SE 6u81. CVE-2014-3065 - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding,...

AIX Java Advisory : java_oct2014_advisory.asc (POODLE)

The version of Java SDK installed on the remote host is affected by the following vulnerabilities : - A privilege escalation vulnerability in the IBM Java SDK allows a local attacker to inject arbitrary code into the shared classes cache due to a flaw in the default configuration for the shared...

SUSE-SU-2015:0343-1 Security update for IBM Java

java-170-ibm has been updated to version 1.7.0sr7.2 to fix 21 security issues. These security issues have been fixed: Unspecified vulnerability CVE-2014-3065. The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for...

RHEL 6 : java-1.7.0-ibm (RHSA-2014:1882)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1882 advisory. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several...

Critical: Red Hat Security Advisory: java-1.7.1-ibm security update

Updated java-1.7.1-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 and 7 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

JDK: privilege escalation via shared class cache

Unspecified vulnerability in IBM Java Runtime Environment JRE 7 R1 before SR2 7.1.2.0, 7 before SR8 7.0.8.0, 6 R1 before SR8 FP2 6.1.8.2, 6 before SR16 FP2 6.0.16.2, and before SR16 FP8 5.0.16.8 allows local users to execute arbitrary code via vectors related to the shared classes cache...

JDK: privilege escalation via shared class cache

Unspecified vulnerability in IBM Java Runtime Environment JRE 7 R1 before SR2 7.1.2.0, 7 before SR8 7.0.8.0, 6 R1 before SR8 FP2 6.1.8.2, 6 before SR16 FP2 6.0.16.2, and before SR16 FP8 5.0.16.8 allows local users to execute arbitrary code via vectors related to the shared classes cache...

Critical: Red Hat Security Advisory: java-1.7.0-ibm security update

Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:1877)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1877 advisory. IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several...

RHEL 5 : java-1.7.0-ibm (RHSA-2014:1876)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1876 advisory. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several...