CVE-2011-0871 – OpenJDK: MediaTracker created Component instances with unnecessary privileges (Swing, 7020198)
https://notcve.org/view.php?id=CVE-2011-0871
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) de Oracle Java SE v6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores permite a aplicaciones remotas no confiables Java Web Start y Java applets para afectar la confidencialidad, la integridad, y la disponibilidad a través de vectores desconocidos relacionados con Swing. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2011-08 •
CVE-2011-0867 – OpenJDK: NetworkInterface information leak (Networking, 7013969)
https://notcve.org/view.php?id=CVE-2011-0867
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores permite a aplicaciones remotas Java Web Start y Java applets no confiables afectar la confidencialidad a través de vectores desconocidos relacionados con Networking. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2011-08 •
CVE-2011-0869 – OpenJDK: unprivileged proxy settings change via SOAPConnection (SAAJ, 7013971)
https://notcve.org/view.php?id=CVE-2011-0869
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 26 y anteriores permite a aplicaciones Java Web Start y Java applets no confiables afectar la confidencialidad a través de vectores desconocidos relacionados con SAAJ. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://marc.info/?l=bugtraq&m=132439520301822&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/44818 http://secunia.com •
CVE-2011-0864 – OpenJDK: JVM memory corruption via certain bytecode (HotSpot, 7020373)
https://notcve.org/view.php?id=CVE-2011-0864
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores permite aplicaciones Java Web Start y Java applets que no son de confianza afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con HotSpot. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://marc.info/?l=bugtraq&m=132439520301822&w=2 http://marc.info/?l=bugtraq&m=133728004526190&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://secunia.com/advisories/44818 http://secunia.com/advisories/44930 http://secunia.com/advisories/49198 http://security.gentoo.org/glsa/glsa-201406-32.xml http://support.avaya.com/css/ •
CVE-2011-0865 – OpenJDK: Deserialization allows creation of mutable SignedObject (Deserialization, 6618658)
https://notcve.org/view.php?id=CVE-2011-0865
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 6 Update 25 y anteriores, v5.0 Update 29 y anteriores, y v1.4.2_31 y anteriores permite aplicaciones Java Web Start y Java applets que no son de confianza afectar la integridad a través de vectores desconocidos relacionados con la deserialización. • http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2011-08 •