Information Disclosure

🗓️ 02 May 2019 05:12:50Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 35 Views

The java-1.7.0-openjdk packages have multiple security flaws, including bypassing Java sandbox restrictions, XML eXternal Entity (XXE) attack, failure to perform source address checks, Triple Handshake attack, and integrity of encrypted streams

Reporter	Title	Published	Views	Family All 444
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM)	20 Dec 201916:10	–	ibm
IBM Security Bulletins	Security Bulletins for Emptoris Program Management	8 Dec 201816:15	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect InfoSphere Streams (CVE-2014-6457, CVE-2014-3566, CVE-2014-3065)	16 Jun 201813:09	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Business Process Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator	17 Jun 201822:30	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM System Networking Switch Center (CVE-2014-3566, CVE-2014-6512, CVE-2014-6457 CVE-2015-0410, CVE-2015-6593)	31 Jan 201901:55	–	ibm
IBM Security Bulletins	IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index	31 Jan 202100:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects Rational Directory Server (CVE-2014-6457, CVE-2014-6593)	17 Jun 201804:59	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Data Studio Web Console. (CVE-2014-6457, CVE-2014-3065)	16 Jun 201813:08	–	ibm
IBM Security Bulletins	Security Bulletin: October 2014 Java Runtime Environment (JRE) Vulnerabilities in Multiple N series Products	18 Jun 201800:28	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Application Developer for WebSphere (CVE-2014-3566, CVE-2014-3065, CVE-2014-6457)	5 Feb 202000:09	–	ibm

Vulners

Node

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.51_2.4.4.1.el6_5

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.8.0.el6_4

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.5_2.2.1.el6_3.3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.65_2.5.1.2.el6_5

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.45_2.4.3.4.el6_5

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.3.el6_3.1

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.3_2.1.el6.7

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.45_2.4.3.3.el6

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.19_2.3.9.1.el6_4

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.25_2.3.10.4.el6_4

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.4.1.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.5.3.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.55_2.4.7.1.el6_5

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.5_2.2.1.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.7.1.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.3.2.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.25_2.3.10.3.el6_4

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.45_2.4.3.2.el6_4

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.51_2.4.4.1.el5_10

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.5.3.el5_9

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.25_2.3.10.4.el5_9

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.55_2.4.7.2.el5_10

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.55_2.4.7.1.el5_10

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.7.1.el5_9

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.25_2.3.10.5.el5_9

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.51_2.4.4.2.el5_10

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.19_2.3.9.1.el5_9

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.65_2.5.1.2.el5_10

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.4.el5_9.1

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.45_2.4.3.1.el5_10

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.3.el5.1

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.8.0.el5_9

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.40.1.9.10.el6_1

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.39.1.9.7.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.62.1.11.11.90.el6_4

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.13.b16.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_0.30.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.42.1.10.4.el6_2

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.2.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.40.1.11.11.el5_9

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.31.b17.el6_0

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.42.1.11.14.el5_10

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.22.1.9.8.el5_6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.39.1.9.8.el6_1

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.65.1.11.13.el6_4

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.20.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.27.1.10.8.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.21.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.28.1.10.10.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.41.1.10.4.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_6.1.13.4.el6_5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.33.1.11.6.el5_9

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.23.1.9.10.el5_7

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.36.b17.el6_0

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.65.1.11.14.el6_4

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.30.1.11.5.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.57.1.11.9.el6_4

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_4.1.13.1.el5_10

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_3.1.13.1.el6_5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.48.1.11.3.el6_2

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_3.1.13.1.el5_10

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_7.1.13.4.el6_5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.28.1.10.9.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_5.1.13.3.el6_5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.21.b17.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.36.1.11.9.el5_9

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.18.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.35.1.11.8.el5_9

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.66.1.13.0.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.43.1.10.6.el6_2

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.56.1.11.8.el6_3

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_6.1.13.4.el5_10

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.49.1.11.4.el6_3

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.54.1.11.6.el6_3

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.11.b16.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.45.1.11.1.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.24.1.10.4.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.7.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.17.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_11.1.13.4.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.25.1.10.6.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_0.25.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.50.1.11.5.el6_3

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.41.1.11.11.90.el5_9

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.16.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_5.1.13.3.el5_10

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.61.1.11.11.el6_4

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.39.b17.el6_0

java-1.8.0-openjdk java-1.8.0-openjdkMatch1.8.0.20_3.b26.el6

Source	Link
secunia	www.secunia.com/advisories/60414
secunia	www.secunia.com/advisories/60416
secunia	www.secunia.com/advisories/60417
secunia	www.secunia.com/advisories/61018
secunia	www.secunia.com/advisories/61020
secunia	www.secunia.com/advisories/61143
secunia	www.secunia.com/advisories/61163
secunia	www.secunia.com/advisories/61164
secunia	www.secunia.com/advisories/61346
secunia	www.secunia.com/advisories/61609

13 May 2022 16:46Current

4.7Medium risk

Vulners AI Score4.7

CVSS 26.8

EPSS0.09411