CVSS: 5.8EPSS: 88%CPEs: 72EXPL: 1CVE-2012-0551 – Oracle GlassFish Server 3.1.1 (build 12) - Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-0551
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Container or Deployment. Vulnerabilidad no especificada en el componente GlassFish Enterprise Server en Oracle Sun Products Suite GlassFish Enterprise Server v3.1.1 permite a atacantes remotos afectar la confidencialidad y la integridad a través de vectores desconocidos relacionados con Web Container. Security-Assessment.com has discovered that components of the Oracle GlassFish Server administrative web interface are vulnerable to both reflected and stored cross site scripting attacks. All pages where cross site scripting vulnerabilities were discovered require authentication. Oracle GlassFish Server version 3.1.1 build 12 is affected. • https://www.exploit-db.com/exploits/18764 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html http://marc.info/?l=bugtraq&m=134496371727681&w=2 http://rhn.redhat.com/errata/RHSA-2012-0734.html http://rhn.redhat.com/errata/RHSA-2013-1455.html http://rhn.redhat.com/errata/RHSA-2013-1456.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com&#x •
CVSS: 9.3EPSS: 1%CPEs: 63EXPL: 0CVE-2012-0504
https://notcve.org/view.php?id=CVE-2012-0504
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install and the Java Update mechanism. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update 2 y anteriores v6 Update 30 y anteriores, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con Install y el mecanismo Java Update. • http://marc.info/?l=bugtraq&m=133364885411663&w=2 http://marc.info/?l=bugtraq&m=133847939902305&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/48589 http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html http://www.securityfocus.com/bid/52020 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14890 •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2011-3555
https://notcve.org/view.php?id=CVE-2011-3555
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, and 7 allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity and availability via unknown vectors. Vulnerabilidad no especificada en el componente de Java Runtime Environment en Oracle Java SE JDK y JRE, y v7 permite a aplicaciones Java Web Start y applets Java no confiables afectar a la integridad y la disponibilidad a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://osvdb.org/76508 http://www.ibm.com/developerworks/java/jdk/alerts http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html http://www.redhat.com/support/errata/RHSA-2011-1384.html http://www.securityfocus.com/bid/50237 http://www.securitytracker.com/id?1026215 https://exchange.xforce.ibmcloud.com/vulnerabilities/70838 https://oval.cisecurity.org/repos •
CVSS: 7.6EPSS: 1%CPEs: 54EXPL: 0CVE-2011-3550 – JDK: unspecified vulnerability fixed in 6u29 (AWT)
https://notcve.org/view.php?id=CVE-2011-3550
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT. Vulnerabilidad no especificada en el componente de Java Runtime Environment en Oracle Java SE JDK y JRE v7, v6 Update v27 y anteriores permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad de las aplicaciones Java Web Start y applets Java en relación con AWT. • http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html http://marc.info/?l=bugtraq&m=132750579901589&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/48308 http://www.ibm.com/developerworks/java/jdk/alerts http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html http://www.redhat.com/support/errata/ •
CVSS: 1.8EPSS: 0%CPEs: 57EXPL: 0CVE-2011-3561 – JDK: unspecified vulnerability fixed in 6u29 (Deployment)
https://notcve.org/view.php?id=CVE-2011-3561
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. Vulnerabilidad sin especificar en el componente Java Runtime Environment de Oracle Java SE JDK y JRE 7, 6 Update 27 y versiones anteriores, y JavaFX 2.0. Permite a atacantes remotos comprometer la confidencialidad a través de vectores desconocidos relacionados con el despliegue ("Deployment"). • http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html http://marc.info/?l=bugtraq&m=132750579901589&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://osvdb.org/76513 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/48308 http://www.ibm.com/developerworks/java/jdk/alerts http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html http://ww •