Lucene search

9137 matches found

OSV
added 2015/04/15 5:22 p.m., 16 views

MGASA-2015-0158 Updated java-1.7.0-openjdk packages fix security vulnerabilities

Updated java-1.7.0 packages fix security vulnerabilities: An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrust...

CVSS 10, AI score 7.6, EPSS 0.07224
Exploits 1, References 5
Mageia
added 2015/04/15 5:22 p.m., 51 views

Updated java-1.7.0-openjdk packages fix security vulnerabilities

Updated java-1.7.0 packages fix security vulnerabilities: An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrust...

CVSS 10, AI score 6.4, EPSS 0.07224
Exploits 1, References 4
RedHat Linux
added 2015/04/15 4:54 p.m., 62 views

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 10, AI score 6.6, EPSS 0.07224
Exploits 1, References 8
RedHat Linux
added 2015/04/15 4:44 p.m., 43 views

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 10, AI score 6.6, EPSS 0.07224
Exploits 1, References 8
RedHat Linux
added 2015/04/15 3:15 p.m., 46 views

Important: Red Hat Security Advisory: java-1.8.0-openjdk security update

Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 10, AI score 6.6, EPSS 0.07224
Exploits 1, References 9
Cent OS
added 2015/04/15 11:47 a.m., 85 views

java security update

CentOS Errata and Security Advisory CESA-2015:0807 Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS)...

CVSS 10, AI score 6.6, EPSS 0.07224
Exploits 1, References 7
Cent OS
added 2015/04/15 11:10 a.m., 88 views

java security update

CentOS Errata and Security Advisory CESA-2015:0809 Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System...

CVSS 10, AI score 6.6, EPSS 0.07224
Exploits 1, References 7
RedHat Linux
added 2015/04/14 1:0 p.m., 61 views

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...

CVSS 7.8, AI score 7, EPSS 0.03373
Exploits 3, References 4
Prion
added 2015/04/13 1:59 a.m., 16 views

Design/Logic Flaw

The DNS implementation in Cisco Adaptive Security Appliance (ASA) Software 7.2 before 7.25.16, 8.2 before 8.25.57, 8.3 before 8.32.44, 8.4 before 8.47.28, 8.5 before 8.51.24, 8.6 before 8.61.17, 8.7 before 8.71.16, 9.0 before 9.04.33, 9.1 before 9.16.1, 9.2 before 9.23.4, and 9.3 before 9.33 allows...

CVSS 7.1, AI score 7, EPSS 0.01124
Exploits 0, References 2, Affected Software 1
NVD
added 2015/04/13 1:59 a.m., 16 views

CVE-2015-0675

The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.16, 9.2 before 9.23.3, and 9.3 before 9.33 does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrativ...

CVSS 8.3, AI score 6.5, EPSS 0.00966
Exploits 0, References 2
CVE
added 2015/04/13 1:0 a.m., 51 views

CVE-2015-0676

Cisco ASA DNS Memory Exhaustion Vulnerability (CVE-2015-0676) affects ASA Software versions listed in the Cisco advisory/PT-2015-1056. The issue arises in the DNS code when handling outbound queries, enabling a MITM-like sequence to trigger crafted DNS responses that exhaust memory and can cause ...

CVSS 7.1, AI score 6.6, EPSS 0.01124
Exploits 0, References 2, Affected Software 1
NVD
added 2015/04/10 2:59 p.m., 18 views

CVE-2015-1130

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors...

CVSS 7.8, AI score 6.6, EPSS 0.09887
Exploits 16, References 7
Prion
added 2015/04/10 2:59 p.m., 16 views

Authentication flaw

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors...

CVSS 7.2, AI score 6.5, EPSS 0.09887
Exploits 16, References 6, Affected Software 1
Prion
added 2015/04/10 2:59 p.m., 18 views

Code injection

The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly implement the Urgent (aka out-of-band data) mechanism, which allows remote attackers to cause a denial of service via crafted packets...

CVSS 5, AI score 6.3, EPSS 0.09112
Exploits 0, References 8, Affected Software 3
CVE
added 2015/04/10 2:0 p.m., 1016 views

CVE-2015-1130

CVE-2015-1130 affects Apple OS X, specifically the XPC implementation in the Admin Framework, before 10.10.3. It allows local users to bypass authentication and obtain admin privileges via unspecified vectors. Exploitation has been demonstrated (e.g., ROOTPIPE/Rootpipe PoC and Metasploit/CANVAS r...

CVSS 7.8, AI score 6.9, EPSS 0.09887
In wild, Exploits 16, References 7, Affected Software 1
Cvelist
added 2015/04/10 2:0 p.m., 31 views

CVE-2015-1130

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors...

AI score 6.7, EPSS 0.09887
Exploits 16, References 6
Cvelist
added 2015/04/10 2:0 p.m., 23 views

CVE-2015-1105

The TCP implementation in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly implement the Urgent (aka out-of-band data) mechanism, which allows remote attackers to cause a denial of service via crafted packets...

AI score 6.3, EPSS 0.09112
Exploits 0, References 8
Vulnrichment
added 2015/04/10 2:0 p.m., 7 views

CVE-2015-1130

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors...

AI score 7.1, EPSS 0.09887
Exploits 16, References 6
ATTACKERKB
added 2015/04/10 12:0 a.m., 26 views

CVE-2015-1130

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors. Recent assessments: Assessed Attacker Value: 0...

CVSS 7.8, AI score 7.5, EPSS 0.09887
In wild, Exploits 16, References 8
securityvulns
added 2015/04/08 12:0 a.m., 78 views

ntpd restrictions bypass

Message authentication code implementation is invalid and can be bypassed...

CVSS 4.3, AI score 2.8, EPSS 0.02219
Exploits 0, References 1, Affected Software 1