CVE-2014-0387

CVE-2014-0387 is listed in IBM’s Java vulnerability bulletin as an unspecified issue in JRE/JDK components, affecting IBM SDK Java 2 Technology Edition v5.0 SR16 and earlier, v6 SR15 and earlier, v6.0.1 SR7 and earlier, and v7 SR6 and earlier (and related IBM bundles for 7.x/7.5.x). The IBM entry...

CVE-2013-5902

CVE-2013-5902 is an unspecified vulnerability in Oracle Java SE 6u65 and 7u45, related to the Deployment component, that could allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. The connected advisories (IBM and F5/Java security bulletins) confirm t...

CVE-2013-5910

Summary of CVE-2013-5910 (Oracle Java/JRE) : Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 that could affect integrity via unknown vectors related to Security. IBM and related advisories (e.g., CVEs list in IBM pages) indicate this CVE is included...

OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that...

CVE-2013-5878

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not...

CVE-2013-5884

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that...

CVE-2013-5878

CVE-2013-5878 affects Oracle Java SE 6u65, 7u45, Java SE Embedded 7u45, and OpenJDK 7 with unspecified security vulnerability that could compromise confidentiality, integrity, and availability. IBM/IBM‑related advisories group this CVE with other Java CPU fixes from Oracle’s January 2014 CPU, not...

CVE-2013-5884

Oracle Java SE 5.0u55, 6u65, 7u45; Java SE Embedded 7u45; and OpenJDK 7 are affected by CVE-2013-5884, described as an unspecified confidentiality flaw via CORBA vectors. The issue is attributed to an incorrect check for code permissions by CORBA stub factories. The MiracleLinux/Nessus advisories...

CVE-2013-5870

Oracle Java SE 7u45 and JavaFX 2.2.45 are affected by an unspecified vulnerability (CVE-2013-5870) that allows remote attackers to impact confidentiality, integrity, and availability via unknown vectors related to JavaFX. The issue is listed among multiple CVEs in Red Hat/RHSA advisories and Gent...

CVE-2014-0368

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims...

Oracle Releases January 2014 Security Advisory

Oracle has released its Critical Patch Update for January 2014 to address 144 vulnerabilities across multiple products. This update contains the following security fixes: 5 for Oracle Database Server 22 for Oracle Fusion Middleware 2 for Oracle Hyperion 4 for Oracle E-Business Suite 16 for Oracle...

OpenJDK: XML stream factory finder information leak (JAXP, 8013502)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP...

JDK: unspecified vulnerability fixed in 7u45 (Deployment)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787,...

OpenJDK: insufficient html escaping in jhat (jhat, 8011081)

Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier allows remote attackers to affect integrity via unknown vectors related to jhat...

JDK: unspecified vulnerability fixed in 7u45 (Deployment)

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment...

OpenJDK: Missing CORBA security checks (Libraries, 8017196)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different...

Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 (Oct 2013) - Windows

Oracle Java SE JRE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE JRE Multiple Unspecified Vulnerabilities-04 (Oct 2013) - Windows

Oracle Java SE JRE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenJDK: insufficient privilege checking issue (AWT, 7192977)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

OpenJDK: getEnclosing* checks (Libraries, 8007812)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...