357 matches found
SUSE: Security Advisory for java-1_7_0-openjdk (SUSE-SU-2015:0503-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 22 Update: cxf-2.7.11-1.fc22
Apache CXF is an open-source services framework that aids in the development of services using front-end programming APIs, like JAX-WS and JAX-RS...
VMware vCenter Chargeback Manager Multiple Java Vulnerabilities (VMSA-2015-0003) (POODLE)
The version of VMware vCenter Chargeback Manager installed on the remote host is affected by a man-in-the-middle MitM information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in...
WS: EJB3 role restrictions are not applied to jaxws handlers
A flaw was found in the way method-level authorization for JAX-WS Service endpoints was performed by the EJB invocation handler implementation. Any restrictions declared on EJB methods were ignored when executing the JAX-WS handlers, and only class-level restrictions were applied. A remote attack...
VMware Workspace Portal Multiple Java Vulnerabilities (VMSA-2015-0003) (POODLE)
The VMware Workspace Portal formerly known as VMware Horizon Workspace installed on the remote host is version 2.x prior to 2.1.1. It is, therefore, affected by a man-in-the-middle MitM information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles paddi...
VMware vCenter Operations Management Windows JRE Update 1.7.0_76-b13 (VMSA-2015-0003) (POODLE)
The version of VMware vCenter Operations Manager installed on the remote Windows host has a bundled version of the Java JRE prior to version 1.7.076-b13 aka 7.0.760.13. It is, therefore, affected by a man-in-the-middle MitM information disclosure vulnerability known as POODLE. The vulnerability i...
VMware vCenter Operations Management Linux JRE Update 1.7.0_76-b13 (VMSA-2015-0003) (POODLE)
The version of VMware vCenter Operations Manager installed on the remote Linux host has a bundled version of the Java JRE prior to version 1.7.076-b13 aka 7.0.760.13. It is, therefore, affected by a man-in-the-middle MitM information disclosure vulnerability known as POODLE. The vulnerability is...
VMware vCenter Operations Management vApp JRE Update 1.7.0_76-b13 (VMSA-2015-0003) (POODLE)
The version of VMware vCenter Operations Manager installed on the remote host has a bundled version of the Java JRE prior to version 1.7.076-b13 aka 7.0.760. It is, therefore, affected by a man-in-the-middle MitM information disclosure vulnerability known as POODLE. The vulnerability is due to th...
OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)
An improper permission check issue was discovered in the JAX-WS component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
Oracle Java SE 6 < Update 86 / 7 < Update 73 / 8 < Update 26 Multiple Vulnerabilities
Binary data 8899.prm...
OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)
An improper permission check issue was discovered in the JAX-WS component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 (Feb 2015) - Windows
Oracle Java SE JRE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for java CESA-2015:0085 centos5
Check the version of java SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882106";...
MGASA-2015-0037 Updated java-1.7.0-openjdk packages fix security vulnerabilities
Updated java-1.7.0 packages fix security vulnerabilities: A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions CVE-2014-6601. Multiple improper...
jdk8-openjdk: multiple issues
CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6549 arbitrary code execution Incorrect class loader permission check in ClassLoader...
jre7-openjdk-headless: multiple issues
CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6587 privilege escalation MulticastSocket NULL pointer dereference allows local users to...
jdk7-openjdk: multiple issues
CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6585 out-of-bounds read Allows remote attackers to affect confidentiality via font parsing...
RedHat Update for java-1.7.0-openjdk RHSA-2015:0067-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)
An improper permission check issue was discovered in the JAX-WS component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20150121) (POODLE)
Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. CVE-2014-6601,...