Page 26 of 398 results (0.010 seconds)

CVSS: 10.0EPSS: 5%CPEs: 241EXPL: 0

CVE-2013-0425 – OpenJDK: logging insufficient access control checks (Libraries, 6664509)

https://notcve.org/view.php?id=CVE-2013-0425

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. Vulnerabilidad sin especificar en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 a la Update 11, 6 a la Update 38, y v5.0 a la Update 38, y v1.4.2_40 y anteriores, permite que atacantes remotos comprometan la integridad, confidencialidad y disponibilidad a través de vectores no especificados relacionados con "Libraries". Vulnerabilidad distinta de CVE-2013-0428 y CVE-2013-0426. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907344 http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/ce105dd2e4de http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html http://marc.info/?l=bugtraq&m=136439120408139& •

CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0

CVE-2012-3202

https://notcve.org/view.php?id=CVE-2012-3202

Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this overlaps CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, and CVE-2012-5085. Múltiples vulnerabilidades no especificadas en el componente Oracle JRockit en Oracle Fusion Middleware v28.2.4 y anteriores, y v27.7.3 y versiones anteriores, cuando se utiliza JDK/JRE v5 o v6, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. NOTE: esto solapa CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, and CVE-2012-5085. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html http://www.securityfocus.com/bid/56050 •

CVSS: 5.0EPSS: 0%CPEs: 224EXPL: 0

CVE-2012-5079 – OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)

https://notcve.org/view.php?id=CVE-2012-5079

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5073. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 7 y versiones anteriores, 6 Update 35 y versiones anteriores, 5.0 Update 36 y versiones anteriores y 1.4.2_38 y versiones anteriores permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con Libraries, una vulnerabilidad diferente a CVE-2012-5073. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html http://marc.info/?l=bugtraq&m=135542848327757&w=2 http://marc.info/?l=bugtraq&m=135758563611658&w=2 http://rhn.redhat •

CVSS: 0EPSS: 0%CPEs: 224EXPL: 0

CVE-2012-5085 – OpenJDK: disable Gopher support by default (Gopher, 7189567)

https://notcve.org/view.php?id=CVE-2012-5085

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE. Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update 7 y anteriores, v6 Update 35 y anteriores, v5.0 Update 36 y anteriores y v1.4.2_38 y anteriores permite a usuarios remotos autenticados tener un impacto no especificado a través de vectores desconocidos relacionados con la red. NOTA: el CPU de Oracle indica este problema tiene una puntuación CVSS v0.0. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html http://marc.info/?l=bugtraq&m=135542848327757&w=2 http://marc.info/?l=bugtraq&m=135758563611658&w=2 http://rhn.redhat.com/errata/RHSA-2012-1385.html http://rhn.redhat.com/errata/RHSA-2012-1386.html http://rhn.redhat.com/errata/RHSA-2012-1391.html http://rhn.redhat.com/errata/RHSA-2012-1392.html http://secunia.com/advi •

CVSS: 5.0EPSS: 2%CPEs: 224EXPL: 0

CVE-2012-5081 – OpenJDK: JSSE denial of service (JSSE, 7186286)

https://notcve.org/view.php?id=CVE-2012-5081

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE. Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update 7 y versiones anteriores, v6 Update 35 y anteriores, v5.0 Update 36 y anteriores y v1.4.2_38 y anteriores permite a atacantes remotos afectar a la disponibilidad. Se trata de un problema relacionado con JSSE. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html http://marc.info/?l=bugtraq&m=135542848327757&w=2 http://marc.info/?l=bugtraq&m=135758563611658&w=2 http://rhn.redhat •