Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors relate...

CVE-2013-2438

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX...

CVE-2013-2420

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors relate...

CVE-2013-2384

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors relate...

CVE-2013-2426

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from t...

CVE-2013-2415

CVE-2013-2415 is an unspecified vulnerability in the Java Runtime Environment (JRE) component found in Oracle Java SE 7 Update 17 and earlier, and in OpenJDK 6 and 7, that allows local users to affect confidentiality via vectors related to JAX-WS. Connected advisories from MiracleLinux (AXSA-2013...

EUVD-2013-1593

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...

CVE-2013-1557

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...

CVE-2013-1537

CVE-2013-1537 is a remote code execution/vulnerability in the Java Runtime Environment via RMI. Affected components include Oracle Java SE 7u17 and earlier, Java SE 6/5 series, and OpenJDK 6/7; exploitation can affect confidentiality, integrity, and availability. The issue is described as unspeci...

CVE-2013-2423

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented...

CVE-2013-2439

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related...

CVE-2013-2426

CVE-2013-2426 is an unspecified vulnerability in the Java Runtime Environment (JRE) component, affecting Oracle Java SE 7 Update 17 and earlier and OpenJDK 6 and 7, with unknown vectors related to Libraries. The impact is confidentiality, integrity, and availability, as stated in the CVS descript...

CVE-2013-2416

CVE-2013-2416 is an unspecified vulnerability in the JRE component of Oracle Java SE 7 Update 17 and earlier. The description indicates it could affect integrity via unknown vectors related to Deployment; the connected IBM/OSV entries confirm it as a JRE-related issue in the 2013 Oracle CPU conte...

CVE-2013-1561

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to JavaFX...

CVE-2013-2383

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors relate...

CVE-2013-2419

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous...

CVE-2013-2422

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the...

CVE-2013-2418

CVE-2013-2418 affects Oracle Java SE 7 (Update 17 and earlier) and Java SE 6 (Update 43 and earlier) JRE deployments. Root cause relates to Deployment; allows local users to impact confidentiality, integrity, and availability via unknown vectors. No specific exploit details or patches are provide...

CVE-2013-1518

CVE-2013-1518 is an unspecified vulnerability in the Java Runtime Environment (JRE) component of Oracle Java SE (7u17 and earlier; 6u43 and earlier; 5.0u41 and earlier) and in OpenJDK 6/7. The issue allows remote attackers to affect confidentiality, integrity, and availability via vectors related...