CVE-2012-5074

CVE-2012-5074 is described as an unspecified vulnerability in the Oracle JRE component (Java SE) affecting 7.0 Update 7 and earlier, related to JAX-WS, with remote attackers potentially impacting confidentiality and integrity. Connected sources confirm the issue is part of multiple JRE vulnerabil...

CVE-2012-5074

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS...

CVE-2012-5076

CVE-2012-5076 is described in IBM’s JRE/JRules bulletin as an issue in IBM JRE 7.0 SR2 or earlier (shipped with Rational Functional Tester) and in non-IBM Java 7.0. The IBM document lists the vulnerability as affecting a number of internal com.sun packages which should be restricted. Remediation ...

CVE-2012-5076

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...

CVE-2012-5074

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS...

CVE-2012-5076

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS...

[SECURITY] Fedora 17 Update: cxf-2.4.9-2.fc17

Apache CXF is an open-source services framework that aids in the development of services using front-end programming APIs, like JAX-WS and JAX-RS...

[SECURITY] Fedora 18 Update: cxf-2.4.9-2.fc18

Apache CXF is an open-source services framework that aids in the development of services using front-end programming APIs, like JAX-WS and JAX-RS...

IBM WebSphere Application Server 7.0 < Fix Pack 21 Multiple Vulnerabilities

IBM WebSphere Application Server 7.0 before Fix Pack 21 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities : - An unspecified cross-site scripting issue exists related to the 'Web 2.0 Messaging service'. PM37840 - A security exposure whe...

IBM WebSphere Application Server 8.0 < Fix Pack 2 Multiple Vulnerabilities

IBM WebSphere Application Server 8.0 before Fix Pack 2 appears to be running on the remote host and is potentially affected by the following vulnerabilities : - An unspecified cross-site scripting issue exists related to the 'Web 2.0 Messaging service'. PM37840 - A security exposure when using...

USN-1263-2: OpenJDK 6 regression

USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for the chosen plaintext attack on the block-wise AES encryption algorithm CVE-2011-3389 introduced a regression that caused TLS/SSL connections to fail when using certain algorithms. This update fixes the problem. We apologize for...

RHEL 6 : java-1.6.0-ibm (RHSA-2012:0034)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0034 advisory. The IBM Java SE version 6 release includes the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. This update fixes...

OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS...

CVE-2011-1377

The Web Services Security component in the Web Services Feature Pack before 6.1.0.41 for IBM WebSphere Application Server WAS 6.1 does not properly handle the enabling of WS-Security for a JAX-WS application, which has unspecified impact and attack vectors...

[SECURITY] [DSA 2358-1] openjdk-6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2358-1 [email protected] http://www.debian.org/security/ December 05, 2011 http://www.debian.org/security/faq - -------------------------------------------------------------------------...

Debian DSA-2356-1 : openjdk-6 - several vulnerabilities (BEAST)

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java platform : - CVE-2011-3389 The TLS implementation does not guard properly against certain chosen-plaintext attacks when block ciphers are used in CBC mode. - CVE-2011-3521 The CORBA implementation contains a...

[SECURITY] [DSA 2356-1] openjdk-6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2356-1 [email protected] http://www.debian.org/security/ Florian Weimer December 01, 2011 http://www.debian.org/security/faq -...

CentOS 5 : java-1.6.0-openjdk (CESA-2011:1380) (BEAST)

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

RHEL 5 / 6 : java-1.6.0-sun (RHSA-2011:1384)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1384 advisory. The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes...

java security update

CentOS Errata and Security Advisory CESA-2011:1380 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring...