Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2012/01/25 12:0 a.m.277 views

Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : openjdk-6, openjdk-6b18 regression (USN-1263-2) (BEAST)

USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for the chosen plaintext attack on the block-wise AES encryption algorithm CVE-2011-3389 introduced a regression that caused TLS/SSL connections to fail when using certain algorithms. This update fixes the problem. We apologize for...

10CVSS8.2AI score0.96714EPSS
Exploits19References15
Ubuntu
Ubuntu
added 2012/01/24 9:7 p.m.92 views

USN-1263-2: OpenJDK 6 regression

USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for the chosen plaintext attack on the block-wise AES encryption algorithm CVE-2011-3389 introduced a regression that caused TLS/SSL connections to fail when using certain algorithms. This update fixes the problem. We apologize for...

8.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/01/19 12:0 a.m.43 views

RHEL 6 : java-1.6.0-ibm (RHSA-2012:0034)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0034 advisory. The IBM Java SE version 6 release includes the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. This update fixes...

10CVSS7.6AI score0.96714EPSS
Exploits19References40
RedHat Linux
RedHat Linux
added 2012/01/18 7:22 p.m.8 views

OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown...

10CVSS7.4AI score0.03277EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2011/11/17 12:0 a.m.54 views

Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : icedtea-web, openjdk-6, openjdk-6b18 vulnerabilities (USN-1263-1) (BEAST)

Deepak Bhole discovered a flaw in the Same Origin Policy SOP implementation in the IcedTea web browser plugin. This could allow a remote attacker to open connections to certain hosts that should not be permitted. CVE-2011-3377 Juliano Rizzo and Thai Duong discovered that the block-wise AES...

10CVSS8.5AI score0.96714EPSS
Exploits19References15
Ubuntu
Ubuntu
added 2011/11/16 8:31 p.m.87 views

USN-1263-1: IcedTea-Web, OpenJDK 6 vulnerabilities

Deepak Bhole discovered a flaw in the Same Origin Policy SOP implementation in the IcedTea web browser plugin. This could allow a remote attacker to open connections to certain hosts that should not be permitted. CVE-2011-3377 Juliano Rizzo and Thai Duong discovered that the block-wise AES...

10CVSS8.4AI score0.96714EPSS
Exploits19
RedHat Linux
RedHat Linux
added 2009/11/12 6:15 p.m.6 views

Java Web Start Buffer unpack200 processing integer overflow (6830335)

Integer overflow in the unpack200 utility in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to...

10CVSS6.2AI score0.04324EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/12/04 3:45 p.m.6 views

OpenJDK Jar200 Decompression buffer overflow (6755943)

Integer overflow in the JAR unpacking utility unpack200 in the unpack library unpack.dll in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JA...

9.3CVSS7.7AI score0.0306EPSS
Exploits1References4
Rows per page
Query Builder