OpenJDK: XML parsing Denial of Service (JAXP, 8014530)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP...

Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2013:267)

Updated java-1.7.0-openjdk packages fix security vulnerabilities : Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the...

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2013-235)

Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine...

Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2013-246)

Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine...

MGASA-2013-0323 Updated java-1.6.0-openjdk package fixes multiple vulnerabilities

Updated java-1.6.0-openjdk packages fix security vulnerabilities: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the...

MGASA-2013-0322 Updated java-1.7.0-openjdk package fixes security vulnerabilities

Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine...

CentOS Update for java CESA-2013:1505 centos6

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2013:1505 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RedHat Update for java-1.6.0-openjdk RHSA-2013:1505-01

Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test RedHat Update for java-1.6.0-openjdk RHSA-2013:1505-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

OpenJDK: XML stream factory finder information leak (JAXP, 8013502)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP...

OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...

OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20131105)

Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine...

java security update

CentOS Errata and Security Advisory CESA-2013:1505 Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scorin...

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...

RedHat Update for java-1.7.0-openjdk RHSA-2013:1447-01

Check for the Version of java-1.7.0-openjdk OpenVAS Vulnerability Test RedHat Update for java-1.7.0-openjdk RHSA-2013:1447-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

USN-2000-1: Nova vulnerabilities

It was discovered that Nova did not properly enforce the ispublic property when determining flavor access. An authenticated attacker could exploit this to obtain sensitive information in private flavors. This issue only affected Ubuntu 12.10 and 13.10. CVE-2013-2256, CVE-2013-4278 Grant Murphy...

OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...

OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...

java security update

CentOS Errata and Security Advisory CESA-2013:1451 Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring Syste...