Mozilla Firefox < 3.5.16 Multiple Vulnerabilities

Binary data 5728.prm...

Firefox < 3.5.16 Multiple Vulnerabilities

The installed version of Firefox is earlier than 3.5.16. Such versions are potentially affected by multiple vulnerabilities : - Multiple memory corruption issues could lead to arbitrary code execution. MFSA 2010-74 - On the Windows platform, when 'document.write' is called with a very long string...

Mozilla SeaMonkey 2.0.x < 2.0.11 Multiple Vulnerabilities

Binary data 801283.prm...

Mozilla Firefox < 3.5.16 Multiple Vulnerabilities

Binary data 801351.prm...

Mozilla Firefox 3.6.x < 3.6.13 Multiple Vulnerabilities

Binary data 5727.prm...

OpenJDK local network address disclosure (6952603)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.227 allows remote attackers to affect confidentiality via unknown vectors...

OpenJDK ICC Profile remote code execution (6963489)

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle ha...

Apple Ships Java Patches, Says It May Drop Java From Future OS X Releases

Apple has shipped security fixes for a number of bugs in its Java implementation, and the company also said that it has deprecated its Java implementation in OS X and may remove it from future release of the operating system. Apple’s patch release on Wednesday included several fixes for...

OpenJDK ICU Opentype layout engine crash (6963285)

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle ha...

Cross site scripting

JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language EL expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when th...

CVE-2010-1871

JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language EL expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when th...

CVE-2010-1871

JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language EL expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when th...

CVE-2010-1871

JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language EL expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when th...

CVE-2010-1871

CVE-2010-1871 affects JBoss Seam 2 (jboss-seam2) as used in Red Hat Linux’s JBoss Enterprise Application Platform 4.3.0. The vulnerability stems from inadequate sanitization of inputs to JBoss Expression Language (EL) expressions, enabling remote code execution via a crafted URL when the Java Sec...

Important: Red Hat Security Advisory: jboss-seam2 security update

Updated jboss-seam2 packages that fix one security issue are now available for JBoss Enterprise Application Platform 4.3 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...

OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597)

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CP...

RHEL 5 : java-1.6.0-openjdk (RHSA-2010:0339)

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

java-1.6.0-openjdk security update

1:1.6.0.0-1.11.b16.0.1.el5 - Add oracle-enterprise.patch 1:1.6.0.0-1.11.b16.el5 - Remove javaws alternative due to conflict with java-1.6.0-sun's alternatives 1:1.6.0-1.10.b16 - Update to openjdk build b16 - Update to icedtea6-1.6 - Added tzdata-java requirement - Added autoconf and automake buil...

OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from...

OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597)

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CP...