CVE-2017-10350

CVE-2017-10350 is an OpenJDK/Oracle Java SE vulnerability in the JAX-WS subcomponent that could allow an unauthenticated network attacker to cause a partial denial of service in Java SE/Java SE Embedded deployments (clients loading untrusted code in sandbox). Affected versions per initial descrip...

Oracle Java SE Multiple Vulnerabilities (October 2017 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 9 Update 1, 8 Update 151, 7 Update 161, or 6 Update 171. It is, therefore, affected by multiple vulnerabilities related to the following components : - 2D Little CMS 2 - Deployment - Hotspot -...

Oracle Java SE Multiple Vulnerabilities (October 2017 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 9 Update 1, 8 Update 151, 7 Update 161, or 6 Update 171. It is, therefore, affected by multiple vulnerabilities related to the following components : - 2D Little CMS 2 - Deployment - Hotspot -...

Oracle Java SE Security Updates (oct2017-3236626) 04 - Linux

Oracle Java SE is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Oracle Java SE Security Updates (oct2017-3236626) 04 - Windows

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:jre"; ifdescription...

KLA11122 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit

Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities to cause denial of service and bypass security restrictions. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in subcomponent Smart Card IO can be...

BSA-2017-422

Security Advisory ID : BSA-2017-422 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAX-WS. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit:...

OpenJDK: insecure XML parsing in wsdlimport (JAX-WS, 8182054)

It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak...

SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2017:2175-1)

This java-180-openjdk update to version jdk8u141 icedtea 3.5.0 fixes the following issues: Security issues fixed : - CVE-2017-10053: Improved image post-processing steps bsc1049305 - CVE-2017-10067: Additional jar validation steps bsc1049306 - CVE-2017-10074: Image conversion improvements...

CVE-2017-10243

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAX-WS. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with...

Oracle Java SE 6 < Update 161 / 7 < Update 151 / 8 < Update 141 Multiple Vulnerabilities

Binary data 700165.prm...

UBUNTU-CVE-2017-10243

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAX-WS. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with...

Oracle Java SE Multiple Vulnerabilities (July 2017 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 8 Update 141, 7 Update 151, or 6 Update 161. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the 2D component that allows an unauthenticated, remote...

Oracle Java SE Multiple Vulnerabilities (July 2017 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 8 Update 141, 7 Update 151, or 6 Update 161. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the 2D component that allows an unauthenticated, remote...

[SECURITY] Fedora 25 Update: cxf-3.1.6-5.fc25

Apache CXF is an open-source services framework that aids in the development of services using front-end programming APIs, like JAX-WS and JAX-RS...

[SECURITY] Fedora 25 Update: cxf-3.1.6-3.fc25

Apache CXF is an open-source services framework that aids in the development of services using front-end programming APIs, like JAX-WS and JAX-RS...

The vulnerability of the Java Development Kit application development tool allows a remote attacker to compromise data confidentiality and integrity.

The vulnerability of the Java Development Kit, related to the subcomponents of the application. Exploiting this vulnerability allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of data, by using the JAX-WS subcomponent...

Vulnerability of the Java Runtime Environment software platform, which allows a malicious attacker to compromise data confidentiality and integrity

Vulnerability of the Java Runtime Environment, related to program subcomponents. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of data by using the JAX-WS subcomponent...

SUSE: Security Advisory for java-1_7_0-openjdk (SUSE-SU-2015:0503-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 22 Update: cxf-2.7.11-1.fc22

Apache CXF is an open-source services framework that aids in the development of services using front-end programming APIs, like JAX-WS and JAX-RS...