JBoss Seam 2 Remote Command Execution

JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language EL expressions, which allows remote attackers to execute arbitrary code via a crafted URL. This modules also has been tested...

OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity,...

Firefox Java update ready to stop BEAST attacks

Firefox Java update ready to stop BEAST attacks Firefox developers searching for a way to protect users against a new attack that decrypts sensitive web traffic are seriously considering an update that stops the open-source browser from working with Oracle's Java software framework. Johnath, the...

Important: Red Hat Security Advisory: JBoss Communications Platform 5.1.1 update

JBoss Communications Platform 5.1.1, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives...

VulnCheck KEV: CVE-2010-1871

JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured...

Important: Red Hat Security Advisory: jboss-seam security update

An updated jboss-seam.jar file for JBoss Enterprise Application Platform 4.3.0.CP09 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...

Important: Red Hat Security Advisory: jboss-seam2 security update

Updated jboss-seam2 packages that fix one security issue are now available for JBoss Enterprise Application Platform 4.3 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 5.1.1 update

JBoss Enterprise Application Platform 5.1.1, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, whi...

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 5.1.1 update

Updated JBoss Enterprise Application Platform 5.1.1 packages that fix one security issue and various bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base...

java-1.6.0-openjdk security update

1.6.0.0-1.39.1.9.8 - Resolves: rhbz709375 - Bumped to IcedTea6 1.9.8 - Copy fontconfig files to match names for current and next release - RH706250, S6213702, CVE-2011-0872: so non-blocking sockets with TCP urgent disabled get still selected for read ops win - RH706106, S6618658, CVE-2011-0865:...

Important: Red Hat Security Advisory: jboss-seam security update

An updated jboss-seam.jar file for JBoss Enterprise Application Platform 4.3.0.CP09 and 5.1.0 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scori...

Important: Red Hat Security Advisory: jboss-seam2 security update

Updated jboss-seam2 packages that fix one security issue are now available for JBoss Enterprise Application Platform 5.1 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...

java security update

CentOS Errata and Security Advisory CESA-2011:0281 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scorin...

OpenJDK DNS cache poisoning by untrusted applets (6981922)

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors...

Moderate: Red Hat Security Advisory: java-1.6.0-ibm security update

Updated java-1.6.0-ibm packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring Syst...

java-1.6.0-openjdk security update

1.6.0.0-1.36.b17 - removed plugin. How it comes in?! - Resolves: rhbz676295 1.6.0.0-1.33.b17 - bumped release number, it was accidentaly reduced, and now lower version then last one was released. - Resolves: rhbz676295 1.6.0.0-1.22.b17 - Updated to 1.7.9 tarball - removed patch6, fixed upstrream ...

java-1.6.0-openjdk security update

1:1.6.0.0-1.17.b17.0.1.el5 - Add oracle-enterprise.patch 1:1.6.0.0-1.17.b17.el5 - Updated to 1.7.7 tarball - Resolves: bz668487 - Also resolves bz668488...

OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the...

FreeBSD : mozilla -- multiple vulnerabilities (1d8ff4a2-0445-11e0-8e32-000f20797ede)

The Mozilla Project reports : MFSA 2010-74 Miscellaneous memory safety hazards rv:1.9.2.13/ 1.9.1.16 MFSA 2010-75 Buffer overflow while line breaking after document.write with long string MFSA 2010-76 Chrome privilege escalation with window.open and isindex element MFSA 2010-77 Crash and remote...

SeaMonkey 2.0.x < 2.0.11 Multiple Vulnerabilities

Binary data 5731.prm...