APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 o...

Ubuntu 10.10 : openjdk-6b18 vulnerabilities (USN-1079-3)

USN-1079-2 fixed vulnerabilities in OpenJDK 6 for armel ARM architectures in Ubuntu 9.10 and Ubuntu 10.04 LTS. This update fixes vulnerabilities in OpenJDK 6 for armel ARM architectures for Ubuntu 10.10. It was discovered that untrusted Java applets could create domain name resolution cache...

Ubuntu 9.10 / 10.04 LTS : openjdk-6b18 vulnerabilities (USN-1079-2)

USN-1079-1 fixed vulnerabilities in OpenJDK 6 for non-armel ARM architectures. This update provides the corresponding updates for OpenJDK 6 for use with the armel ARM architectures. In order to build the armel ARM OpenJDK 6 update for Ubuntu 10.04 LTS, it was necessary to rebuild binutils and...

Critical: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

Oracle Java JDK / JRE 7 < Update 17 Remote Code Execution (Windows)

The version of Oracle formerly Sun Java Runtime Environment JRE 7.x installed on the remote host is earlier than Update 17. It, therefore, potentially can allow remote code execution due to the following vulnerabilities related to the '2D' sub-component : - An integer overflow error exists relate...

Oracle Java JDK / JRE 5 < Update 41 Remote Code Execution (Windows)

The version of Oracle formerly Sun Java Runtime Environment JRE 5.x installed on the remote host is earlier than Update 41. It, therefore, potentially can allow remote code execution due to the following vulnerabilities related to the '2D' sub-component : - An integer overflow error exists relate...

Oracle Java JDK / JRE 6 < Update 43 Remote Code Execution (Windows)

The version of Oracle formerly Sun Java Runtime Environment JRE 6.x installed on the remote host is earlier than Update 43. It, therefore, potentially can allow remote code execution due to the following vulnerabilities related to the '2D' sub-component : - An integer overflow error exists relate...

Oracle Java JDK / JRE 7 < Update 17 Remote Code Execution (Unix)

The version of Oracle formerly Sun Java Runtime Environment JRE 7.x installed on the remote host is earlier than Update 17. It, therefore, potentially can allow remote code execution due to the following vulnerabilities related to the '2D' sub-component : - An integer overflow error exists relate...

Oracle Java JDK / JRE 6 < Update 43 Remote Code Execution (Unix)

The version of Oracle formerly Sun Java Runtime Environment JRE 6.x installed on the remote host is earlier than Update 43. It, therefore, potentially can allow remote code execution due to the following vulnerabilities related to the '2D' sub-component : - An integer overflow error exists relate...

Java MBeanInstantiator findClass and Introspector Sandbox Escape

Added: 03/04/2013 CVE: CVE-2013-0431 BID: 57726 OSVDB: 89613 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

Oracle Java SE 7 < Update 11 Multiple Vulnerabilities (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is earlier than 7 Update 11 and is, therefore, potentially affected by the following security issues : - An unspecified issue exists in the Libraries component. CVE-2012-3174 - An error exists in the...

Oracle Java contains multiple vulnerabilities

Overview Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Oracle Java Runtime Environment JRE allows users to run Java applications in a...

Ubuntu Update for openjdk-7 USN-1693-1

Check for the Version of openjdk-7 OpenVAS Vulnerability Test $Id: gbubuntuUSN16931.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for openjdk-7 USN-1693-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

USN-1693-1: OpenJDK 7 vulnerabilities

It was discovered that OpenJDK 7's security mechanism could be bypassed via Java applets. If a user were tricked into opening a malicious website, a remote attacker could exploit this to perform arbitrary code execution as the user invoking the program...

Oracle Java SE 7 < Update 11 Multiple Vulnerabilities

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is earlier than 7 Update 11 and is, therefore, potentially affected by the following security issues : - An unspecified issue exists in the Libraries component. CVE-2012-3174 - An error exists in the...

[USN-1625-1] Icedtea-Web vulnerability

========================================================================= Ubuntu Security Notice USN-1625-1 November 07, 2012 icedtea-web vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

USN-1625-1: Icedtea-Web vulnerability

Arthur Gerkis discovered a buffer overflow in the Icedtea-Web plugin. If a user were tricked into opening a malicious website, an attacker could cause the plugin to crash or possibly execute arbitrary code as the user invoking the program...

Scientific Linux Security Update : java-1.6.0-openjdk on SL6.x i386/x86_64 (20121017) (ROBOT)

Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2012-5086, CVE-2012-5084, CVE-2012-5089 Multiple improper permission check issues we...

USN-1521-1: IcedTea-Web vulnerabilities

Chamal De Silva discovered that the IcedTea-Web Java web browser plugin could dereference an uninitialized pointer. A remote attacker could use this to craft a malicious web page that could cause a denial of service by crashing the web browser or possibly execute arbitrary code. CVE-2012-3422...