3428 matches found
Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)
The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is earlier than 8 Update 5, 7 Update 55, 6 Update 75, or 5 Update 65. It is, therefore, potentially affected by security issues in the following components : - 2D - AWT - Deployment - Hotspot - JAX-WS -...
CVE-2014-0446
CVE-2014-0446 is an Oracle Java SE vulnerability described as unspecified, affecting Libraries in Java SE 5.0u61, 6u71, 7u51, 8 and Java SE Embedded 7u51. The IBM and related bulletins enumerate this CVE among a broader set of Java CPU fixes, with affected IBM SDK/JAVA editions and WebSphere/Info...
UBUNTU-CVE-2014-2421
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...
UBUNTU-CVE-2014-0446
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...
UBUNTU-CVE-2014-2398
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc...
Oracle Java SE远程安全漏洞
BUGTRAQ ID: 64927 CVECAN ID: CVE-2013-5878 Java SE 是基于JDK和JRE的Java平台标准版的简称,用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。 Oracle Java SE 6u65、7u45, Java SE Embedded 7u45, OpenJDK 7在实现上存在安全漏洞,被未经身份验证的远程攻击者成功利用后可影响完整性、可用性、机密性。 0 Oracle Java SE 7u45 Oracle Java SE 6u65 厂商补丁: Oracle ------...
Oracle Java SE Privilege Escalation Vulnerability (Feb 2014) - Windows
Oracle Java SE is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:jre";...
Oracle Java SE Privilege Escalation Vulnerability (Feb 2014) - Linux
Oracle Java SE is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-1876
CVE-2014-1876 is an IBM/Oracle Java vulnerability where unpacker::redirect_stdio in unpack200 could fail to securely create temporary files when a log file cannot be opened, enabling local symlink attacks on /tmp/unpack.log. Public advisories show this affects Oracle Java SE 5/6/7/8 families and ...
OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that...
Xxe
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the Janua...
CVE-2014-0403
CVE-2014-0403 is an Oracle Java SE vulnerability impacting Java 6u65 and 7u45, with confidentiality and integrity risk via unknown deployment vectors. The Connected documents confirm this CVE is part of multiple Oracle Java CPU fixes and show affected IBM Java SDK versions (5.0/6/7 families) with...
CVE-2014-0376
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the...
CVE-2013-5893
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented...
CVE-2013-5893
CVE-2013-5893 affects Oracle Java SE 7u45 (and Java Embedded 7u45) and OpenJDK 7. The vulnerability is described as unspecified but exploitable via unknown vectors related to Libraries, with notes that it may relate to improper handling of MethodHandles in HotSpot JVM, potentially escaping the sa...
CVE-2013-5895
CVE-2013-5895 is described as an unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 that could affect confidentiality via unknown JavaFX-related vectors. The initial description does not specify exploit details, impact scope beyond confidentiality, or concrete CVE root cause. Publ...
CVE-2013-5896
CVE-2013-5896 is described as an unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 (also in Java SE Embedded 7u45 and OpenJDK 7) that allows remote attackers to affect availability via CORBA-related vectors. IBM-related connected docs corroborate that this family of Java SE CVEs ...
CVE-2013-5898
CVE-2013-5898 is an Oracle Java SE vulnerability (6u65/7u45) that enables remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment. Public documentation in the initial entry confirms the vulnerability class and affected Java versions; IBM’s January 2014 C...
CVE-2014-0368
CVE-2014-0368 is an unspecified Oracle Java JRE/JDK vulnerability affecting confidentiality via unknown networking vectors; Oracle’s Jan 2014 CPU lists it among multiple Java SE CVEs. IBM product advisories mirror this family, noting CVE-2014-0368 among affected IBM SDK/JAVA components shipped wi...
CVE-2014-0382
CVE-2014-0382 affects Oracle Java SE 7u45 and JavaFX 2.2.45, with an unspecified vulnerability that could affect availability via unknown JavaFX-related vectors. The NVD notes a MEDIUM severity (CVSS v2 base 4.3; AV:N/AC:M/Au:N/C:N/I:N/A:P). Public connected documents corroborate the same product...