Oracle Java SE Security Updates (jan2018-3236628) 02 - Windows

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:jre"; ifdescription...

Oracle Java SE Security Updates (jan2018-3236628) 03 - Windows

Oracle Java SE is prone to multiple vulnerabilities. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Oracle Java SE Security Updates (jan2018-3236628) 01 - Windows

Oracle Java SE is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2018-2618

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JCE. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker wi...

UBUNTU-CVE-2018-2603

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacke...

UBUNTU-CVE-2018-2588

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: LDAP. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with...

CVE-2018-2663

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacke...

KLA11178 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit

Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities possibly possibly to cause denial of service, to gain privileges and to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability ...

CVE-2013-4578

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

Design/Logic Flaw

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

SUSE-SU-2017:3455-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: - Security update to version 7.1.4.15 bsc1070162 CVE-2017-10349: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u15...

CVE-2013-4578

The CVE targets jarsigner in OpenJDK and Oracle Java SE prior to 7u51, allowing an attacker to bypass code-signing protection and inject unsigned bytecode into a signed JAR due to improper file validation. Affected: OpenJDK and Oracle Java SE (pre-7u51). Root cause is improper file validation in ...

SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2017:3440-1)

This update for java-171-ibm fixes the following issues : - CVE-2017-10349: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144;...

Unspecified Vulnerability in Oracle Java SE (CNVD-2018-01469)

Oracle Java SE is the United States Oracle Oracle company's set of standard version of the Java platform for the development and deployment of desktop, server, and embedded devices and real-time environments in the Java application. An unspecified vulnerability exists in the Java Runtime...

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2017-936)

It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. CVE-2017-10198 Vulnerabilit...

Critical: java-1.7.0-openjdk

Issue Overview: It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms...

OpenJDK: multiple unbounded memory allocations in deserialization (Libraries, 8181432)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multip...

OpenJDK: unbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

Oracle Java SE Wv8u131 Information Disclosure

!/usr/local/bin/python """ Oracle Java SE Web Start jnlp XML External Entity Processing Information Disclosure Vulnerability Affected: + eg: ./poc.py 'C:/Program Files/Java/jre1.8.0131/README.txt' saturn: mrme$ ./poc.py 'C:/Program Files/Java/jre1.8.0131/README.txt' Oracle Java Web Start JNLP XML...

Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure

Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure !/usr/local/bin/python """ Oracle Java SE Web Start jnlp XML External Entity Processing Information Disclosure Vulnerability Affected: + eg: ./poc.py 'C:/Program Files/Java/jre1.8.0131/README.txt' saturn: mrme$...