CVE-2013-5904 – JDK: unspecified vulnerability fixed in 7u51 (Deployment)
https://notcve.org/view.php?id=CVE-2013-5904
Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 7u45 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Deployment. • http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://osvdb.org/101993 http://rhn.redhat.com/errata/RHSA-2014-0030.html http://secunia.com/advisories/56485 http://secunia.com/advisories/56535 http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html http://www.securityfocus.com/bid/64758 http://www.securityfocus.com/bid/64890 http://www.securitytracker.com/id/1029608 https://exchange.xforce.ibmcloud.com/vulnerabilities/90336 https://h20566.www2.hpe.com/p •
CVE-2014-0376 – OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)
https://notcve.org/view.php?id=CVE-2014-0376
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for "code permissions when creating document builder factories." Vulnerabilidad sin especificar en Oracle Java SE 5.0u55, 6u65, y 7u45, y Java SE Embedded 7u45, permite a atacantes remotos afectar a la integridad a través de vectores relacionados con JAXP. • http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/42be8e6266ab http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/783ceae9b736 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opens •
CVE-2014-0375 – JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)
https://notcve.org/view.php?id=CVE-2014-0375
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0403. Vulnerabilidad sin especificar en Oracle Java SE 6u65 y 7u45 permite a atacantes remotos afectar a la confidencialidad e integridad a través de vectores desconocidos relacionados con Deployment, una vulnerabilidad diferente a CVE-2014-0403. • http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://marc.info/?l=bugtraq&m=139402749111889&w=2 http://osvdb.org/102007 http://rhn.redhat.com/errata/RHSA-2014-0030.html http://rhn.redhat.com/errata/RHSA-2014-0134.html http://rhn.redhat.com/errata •
CVE-2013-5870 – JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)
https://notcve.org/view.php?id=CVE-2013-5870
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. Vulnerabilidad no especificada en Oracle Java SE 7u45 y JavaFX 2.2.45 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con JavaFX. • http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://osvdb.org/101994 http://rhn.redhat.com/errata/RHSA-2014-0030.html http://secunia.com/advisories/56484 http://secunia.com/advisories/56485 http://secunia.com/advisories/56535 http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html http://www.securityfocus.com/bid/64758 http://www.securityfocus.com/bid/64929 http://www.securitytracker.com/id/1029608 https://exchange.xforce.ibmcloud.com/vulnerabilities/90 •
CVE-2013-5884 – OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)
https://notcve.org/view.php?id=CVE-2013-5884
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an incorrect check for code permissions by CORBA stub factories. Vulnerabilidad no especificada en Oracle java SE 5.0u55, 6u65 y 7u45 y Java SE Embedded 7u45, permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con CORBA. • http://hg.openjdk.java.net/jdk7u/jdk7u/corba/rev/b1548473f261 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://marc.inf •