Oracle Fixes 136 Vulnerabilities With April CPU

Oracle fixed 136 vulnerabilities across 46 different products this week as part of its quarterly Critical Patch Update. More than half of the CVEs, 72, could be remotely exploitable without authentication. Fixes for a slew of products, including Oracle’s Database Server, E-Business Suite, Fusion...

Oracle Critical Patch Update Advisory - April 2016

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

CVE-2 0 1 6-0 6 3 6 vulnerability analysis-vulnerability warning-the black bar safety net

0x00 vulnerability profile Vulnerability number: CVE-2 0 1 6-0 6 3 6, this vulnerability is a security researcher Adam Gowdiak in 2 0 1 3 report to the Oracle of the vulnerability, CVE-2 0 1 3-5 8 3 8 the variants. Due to the Oracle on the part of the code in the branch not for the vulnerability ...

Oracle Java SE JRE Unspecified Vulnerability (Mar 2016) - Windows

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:jre"; ifdescripti...

Oracle Releases Security Update for Java SE

Oracle has released Java SE 8u77 to address a vulnerability in prior versions of the software. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle security alert and apply the necessary...

Oracle Java SE Privilege Escalation Vulnerability - Windows

Oracle Java SE JRE is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-0603

Unspecified vulnerability in the Java SE component in Oracle Java SE 6u111, 7u95, 8u71, and 8u72, when running on Windows, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. NOTE: the previous information is from Oracle's Securit...

CVE-2016-0603

Unspecified vulnerability in the Java SE component in Oracle Java SE 6u111, 7u95, 8u71, and 8u72, when running on Windows, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. NOTE: the previous information is from Oracle's Securit...

CVE-2016-0603

CVE-2016-0603 relates to an Oracle Java SE installation-time error that could allow remote code execution. The connected IBM advisories confirm IBM Java SDK/JRE components across multiple IBM products (e.g., IBM Tivoli Monitoring, Host On Demand, Content Classification, Decision Optimization Cent...

Debian DLA-410-1 : openjdk-6 security update (SLOTH)

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, information disclosure, denial of service and insecure cryptography. CVE-2015-7575 A flaw was found in the way TLS 1.2 could use the MD5 hash functio...

DLA-410-1 openjdk-6 - security update

Bulletin has no description...

CVE-2016-0483

Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not...

CVE-2016-0475

Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries...

CVE-2016-0466

Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP...

CVE-2016-0475

Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries...

Design/Logic Flaw

Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries...

Design/Logic Flaw

Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP...

Code injection

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

CVE-2016-0448

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX...

CVE-2016-0402

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking...