DEBIAN-CVE-2018-18443

OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview...

USN-3396-1 openjdk-7 vulnerabilities

It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. CVE-2017-10053 It was discovered that the JAR verifier ...

OpenJDK: insufficient access control checks in ThreadPoolExecutor (Libraries, 8172204)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

USN-3366-1 openjdk-8 vulnerabilities

It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. CVE-2017-10053 It was discovered that the JAR verifier ...

OpenJDK: insufficient access control checks in ThreadPoolExecutor (Libraries, 8172204)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

Design/Logic Flaw

The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is...

CVE-2017-7670

The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is...

CVE-2017-7670

The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is...

CVE-2017-7670

The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is...

RHEL 6 : Red Hat Gluster Storage 3.2.0 (RHSA-2017:0484)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:0484 advisory. Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies dat...

Microsoft Windows VISTA/2008 - Thread Pool ACL Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34444/info Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow attackers to elevate their privileges to LocalSystem, which would facilitate the complete compromise of affected...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2013:0377-1)

java-170-openjdk was updated to icedtea-2.3.6 bnc803379 containing various security and bugfixes : - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...

The Windows kernel-EPATHOBJ 0day exploit-vulnerability warning-the black bar safety net

This vulnerability is through the PATHALLOCfor memory pressure of the test broke, the first use of PATHRECpointing to the same user space PATHREC EPATHOBJ::bFlatten it will”spin”for an unlimited linked list traversal. Such as:PathRecord-next = PathRecord; Although it will spin,but it will be by...

SuSE Update for java-1_6_0-openjdk openSUSE-SU-2013:0312-1 (java-1_6_0-openjdk)

Check for the Version of java-160-openjdk OpenVAS Vulnerability Test $Id: gbsuse201303121.nasl 8494 2018-01-23 06:57:55Z teissa $ SuSE Update for java-160-openjdk openSUSE-SU-2013:0312-1 java-160-openjdk Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH,...

SuSE Update for java-1_6_0-openjdk openSUSE-SU-2013:0308-1 (java-1_6_0-openjdk)

Check for the Version of java-160-openjdk OpenVAS Vulnerability Test $Id: gbsuse201303081.nasl 8494 2018-01-23 06:57:55Z teissa $ SuSE Update for java-160-openjdk openSUSE-SU-2013:0308-1 java-160-openjdk Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH,...

java-1_7_0-openjdk: update to 2.3.6 (critical)

java-170-openjdk was updated to icedtea-2.3.6 bnc803379 containing various security and bugfixes: Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at constructi...

SuSE 11.2 Security Update : Java 1.6.0 (SAT Patch Number 7332)

java-160-openjdk based on Icedtea6-1.12.2 was released, fixing various security issues : New in release 1.12.2 2012-02-03 : - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name ...

java-1_6_0-openjdk to 1.12.2 (important)

OpenJDK java-160-openjdk was updated to 1.12.2 to fix bugs and security issues bnc801972 Security fixes on top of 1.12.0 - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2013:010)

Multiple security issues were identified and fixed in OpenJDK icedtea6 : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Impro...

Fedora 16 : java-1.7.0-openjdk-1.7.0.9-2.3.5.3.fc16 (2013-2188)

The update contains the following security fixes : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Improve thread pool shutdow...