OpenJDK: incorrect range checks in LambdaFormEditor (Libraries, 8184185)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...

SUSE-SU-2017:1385-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: - Version update to 7.1-4.5 bsc1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number...

CVE-2017-1000357

Denial of Service attack when the switch rejects to receive packets from the controller. Component: This vulnerability affects OpenDaylight odl-l2switch-switch, which is the feature responsible for the OpenFlow communication. Version: OpenDaylight versions 3.3 Lithium-SR3, 3.4 Lithium-SR4, 4.0...

CVE-2017-1000357

Denial of Service attack when the switch rejects to receive packets from the controller. Component: This vulnerability affects OpenDaylight odl-l2switch-switch, which is the feature responsible for the OpenFlow communication. Version: OpenDaylight versions 3.3 Lithium-SR3, 3.4 Lithium-SR4, 4.0...

Design/Logic Flaw

Denial of Service attack when the switch rejects to receive packets from the controller. Component: This vulnerability affects OpenDaylight odl-l2switch-switch, which is the feature responsible for the OpenFlow communication. Version: OpenDaylight versions 3.3 Lithium-SR3, 3.4 Lithium-SR4, 4.0...

CVE-2017-1000357

Denial of Service attack when the switch rejects to receive packets from the controller. Component: This vulnerability affects OpenDaylight odl-l2switch-switch, which is the feature responsible for the OpenFlow communication. Version: OpenDaylight versions 3.3 Lithium-SR3, 3.4 Lithium-SR4, 4.0...

SUSE-SU-2017:0460-1 Security update for java-1_8_0-ibm

This update for java-180-ibm to version 8.0-4.0 fixes a lot of security issues bsc1024218: Following CVEs are fixed: CVE-2016-5552 CVE-2017-3231 CVE-2017-3241 CVE-2017-3253 CVE-2017-3259 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 CVE-2016-2183 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2017-325...

SUSE-SU-2017:0346-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Oracle Critical Patch Update of January 2017 bsc1020905 Upgrade to version jdk8u121 icedtea 3.3.0: - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution...

Oracle Java SE Remote Vulnerability (CNVD-2017-00901)

Oracle Java SE is the United States Oracle Oracle company's set of standard version of the Java platform for the development and deployment of desktop, server, and embedded devices and real-time environments in the Java application. A security vulnerability exists in the Deployment subcomponent o...

OpenJDK: kerberos realm name leak (JGSS, 8048030)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS...

Security update for java-1_8_0-openjdk (important)

This update for java-180-openjdk to version jdk8u77-b03 fixes the following security issue: CVE-2016-0636: Improve MethodHandle consistency, which had allowed attackers to execute code. bsc972468 This update was imported from the SUSE:SLE-12-SP1:Update update project...

Update Java version bundled found in the installer to a version >= 1.8u71

Update the bundled version of java to a version = 1.8u71 1.8 update 71, which fixes many security issues http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlAppendixJAVA. Included in the security fixes is a fix for CVE-2016-0483 "An out-of-bounds write flaw was found in the...

OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries...

OpenJDK: RSA blinding issues (Security, 8031346)

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

Java Web Start Double Quote Injection Remote Code Execution

No description provided by source. ======================================================== Java Web Start Double Quote Inject Remote Code Execution ======================================================== Date: Jun 12 2012 updated: Jun 6 2013 Author: Rh0 Version: At least Java 1.6.31 to 1.6.35 a...

Oracle Java APPLET Tag Children Property Memory Corruption

No description provided by source. Source: http://skypher.com/index.php/2010/10/13/issue-18-oracle-java-applet-childre/ SCRIPT o=document.createElementapplet; setTimeoutfunction x=o.children; location.reload; , 1; /SCRIPT Tested with: Windows XP sp3 5.1.2600 MSIE 7.0.5730.13 MSIE 8.0.6001.18702 S...

Java Applet Driver Manager Privileged toString() Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class...

JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0403...

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...

OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...