Disable SSLv3 in outgoing HTTPS connections from Confluence

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-36165. panel SSLv3 is an old protocol and has been superseded by TLSv1.0, TLSv1.1 and TLSv1.2. TLSv1.0 was first defined in...

RHEL 7 : java-1.7.0-oracle (RHSA-2014:1657)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1657 advisory. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes severa...

RedHat Update for java-1.7.0-openjdk RHSA-2014:1620-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 5 : java-1.7.0-openjdk (RHSA-2014:0890)

Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Oracle July 2014 Critical Patch Update

Never one to skimp on patches, Oracle is expected to release 113 of them tomorrow as part of its quarterly Critical Patch Update. The company also clarified that Java 7 versions will continue to work on the end-of-life Microsoft Windows XP platform and Oracle security updates for Java on XP...

Java 7 Applet Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class...

SuSE 11.3 Security Update : IBM Java 7 (SAT Patch Number 9263)

IBM Java 7 was updated to version SR7, which received security and bug fixes. More information is available at: http://www.ibm.com/developerworks/java/jdk/aix/j764/Java764.fixes.htm lSR7 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...

RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Apache Tomcat 不完整修复拒绝服务漏洞

BUGTRAQ ID: 65767 CVECAN ID: CVE-2013-4322 Apache Tomcat是一个流行的开源JSP应用服务器程序。 Tomcat 8.0.0-RC1-8.0.0-RC5、Tomcat 7.0.0-7.0.47、Tomcat 6.0.0-6.0.37在实现上存在拒绝服务漏洞，攻击者可利用此漏洞造成拒绝服务。该漏洞源于CVE-2012-3544的不完整修复。所有使用Oracle Java 7 1.7, 1.7.0的系统都受到影响。Oracle Java 7 Update...

Java 7 Update 5-10 vulnerability to download and execute

This exploit affects several versions of Java, as seen from the description, it downloads and runs the file. Usage Info All material comes with source code and you can easily gather exploit you only need to mark you address the file to your. Traffic to be poured on the file 1.html as shown in the...

Java 7 Update 11 vulnerability to download and execute

Java 7 Update 11 vulnerability to download and execute. With this applet you can boot from a remote host and execute the file, bypassing pisochnitsy java, also affected and older. Usage Info All material is provided with source code, and you will be able to easily assemble ready exploit replacing...

SuSE 11.2 / 11.3 Security Update : IBM Java 7 (SAT Patch Numbers 8565 / 8566)

IBM Java 7 SR6 has been released and fixes lots of bugs and security issues. More information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/ %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...

SUSE-SU-2015:1086-3 Security update for IBM Java 7

IBM Java 7 SR6 has been released and fixes lots of bugs and security issues. More information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/ Security Issue references: CVE-2013-5458 CVE-2013-5456 CVE-2013-5457 CVE-2013-4041 CVE-2013-5375 CVE-2013-5372 CVE-2013-5843...

[SET v5.4] The Social-Engineer Toolkit "Walkers"

TrustedSec is proud to announce the release of The Social-Engineer Toolkit SET v5.4 codename “Walkers”. This version has a significant amount of changes, performance upgrades, bug fixes, and efficiency. This blog post will cover some of the major highlights from Java 7 Update 45 and how to get...

Warning : Java 6 vulnerable to zero-day exploit; added to Neutrino exploit kit

Hackers are using a new exploit for a bug in the out-of-date but popular Java 6 platform to attack victims, and has been added to a commercially available Neutrino exploit kit. The use of Java 6 still is prevalent, opening up a significant number of users to the threat. F-secure analyst Timo...

Another Java 6 Vulnerability Found in the Wild

Unless you have an Oracle product that requires Java 6 or are paying for support for that version of the platform, you’d seen the last publicly available updates as of February. That doesn’t mean attackers have pushed back from targeting Java 6, and that certainly doesn’t mean that organizations...

Warning : Java 6 vulnerable to zero-day exploit; added to Neutrino exploit kit

Hackers are using a new exploit for a bug in the out-of-date but popular Java 6 platform to attack victims, and has been added to a commercially available Neutrino exploit kit. The use of Java 6 still is prevalent, opening up a significant number of users to the threat. F-secure analyst Timo...

CVE-2013-3007

Unspecified vulnerability in the Java Runtime Environment JRE in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006...

CVE-2013-3006

Unspecified vulnerability in the Java Runtime Environment JRE in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3008...

Security feature bypass

Unspecified vulnerability in the Java Runtime Environment JRE in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006...