Lucene search

K

Veracode Vulnerability DatabaseVERACODE:18038

HistoryMay 02, 2019 - 6:11 a.m.

Denial Of Service (DoS)

2019-05-0206:11:09

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

11

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

zlib is vulnerable to denial of service attacks. A remote user is able to cause an application crash resulting in denial of service conditions. The vulnerability affects the function inflateMark in the library zlib of the file inflate.c.

CPENameOperatorVersion
java-1.8.0-ibmeq1.8.0.4.1__1jpp.1.el6_8
java-1.7.1-ibmeq1.7.1.4.1__1jpp.1.el6_8
java-1.7.1-ibmeq1.7.1.3.40__1jpp.1.el6_7
java-1.6.0-ibmeq1.6.0.10.1__1jpp.5.el6_2
java-1.6.0-ibmeq1.6.0.16.2__1jpp.1.el6
java-1.6.0-ibmeq1.6.0.9.1__1jpp.1.el6
java-1.6.0-ibmeq1.6.0.16.7__1jpp.1.el6_7
java-1.6.0-ibmeq1.6.0.15.0__1jpp.1.el6
java-1.6.0-ibmeq1.6.0.16.0__1jpp.1.el6
java-1.6.0-ibmeq1.6.0.14.0__1jpp.1.el6_4

Rows per page:

1-10 of 301

References

lists.opensuse.org/opensuse-updates/2016-12/msg00127.html

lists.opensuse.org/opensuse-updates/2017-01/msg00050.html

lists.opensuse.org/opensuse-updates/2017-01/msg00053.html

www.openwall.com/lists/oss-security/2016/12/05/21

www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

www.securityfocus.com/bid/95131

www.securitytracker.com/id/1039427

access.redhat.com/errata/RHSA-2017:1220

access.redhat.com/errata/RHSA-2017:1221

access.redhat.com/errata/RHSA-2017:1222

access.redhat.com/errata/RHSA-2017:2999

access.redhat.com/errata/RHSA-2017:3046

access.redhat.com/errata/RHSA-2017:3047

access.redhat.com/errata/RHSA-2017:3453

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=1402348

developer.ibm.com/javasdk/support/security-vulnerabilities/

github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958

lists.debian.org/debian-lts-announce/2019/03/msg00027.html

lists.debian.org/debian-lts-announce/2020/01/msg00030.html

security.gentoo.org/glsa/201701-56

security.gentoo.org/glsa/202007-54

support.apple.com/HT208112

support.apple.com/HT208113

support.apple.com/HT208115

support.apple.com/HT208144

usn.ubuntu.com/4246-1/

usn.ubuntu.com/4292-1/

wiki.mozilla.org/images/0/09/Zlib-report.pdf

wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib

www.oracle.com/security-alerts/cpujul2020.html

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

Related for VERACODE:18038

debiancve1 prion1 alpinelinux1 osv4 ubuntucve1 cve1 ibm82 nessus47 debian2 openvas36 gentoo2 mageia1 freebsd1 cloudfoundry2 ubuntu2 thn1 photon1 redhat6 suse6 aix1