CVE-2013-5888 – JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)
https://notcve.org/view.php?id=CVE-2013-5888
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when running with GNOME, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en oracle Java SE 6u65 y 7u45, cuando corre bajo GNOME, permite a usuarios locales afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Deployment. • http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://marc.info/?l=bugtraq&m=139402749111889&w=2 http://osvdb.org/102023 http://rhn.redhat.com/errata/RHSA-2014-0030.html http://rhn.redhat.com/errata/RHSA-2014-0134.html http://rhn.redhat.com/errata •
CVE-2013-5878 – OpenJDK: null xmlns handling issue (Security, 8025026)
https://notcve.org/view.php?id=CVE-2013-5878
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox. Una vulnerabilidad no especificada en Oracle Java SE versiones 6u65 y 7u45, Java SE Embedded versión 7u45 y OpenJDK 7, permite a los atacantes remotos afectar la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos relacionados con la Seguridad. NOTA: la información anterior procede de la CPU de enero de 2014. • http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://marc.info/?l •
CVE-2013-5887 – JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)
https://notcve.org/view.php?id=CVE-2013-5887
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u65 y 7u45 permite a atacantes remotos afectar la disponibilidad a través de vectores desconocidos relacionados con Deployment. • http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://marc.info/?l=bugtraq&m=139402749111889&w=2 http://osvdb.org/102013 http://rhn.redhat.com/errata/RHSA-2014-0030.html http://rhn.redhat.com/errata/RHSA-2014-0134.html http://rhn.redhat.com/errata •
CVE-2013-5852 – JDK: unspecified vulnerability fixed in 7u45 (Deployment)
https://notcve.org/view.php?id=CVE-2013-5852
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5824, and CVE-2013-5832. Vulnerabilidad no especificada en Oracle Java SE 7u40 y versiones anteriores, Java SE 6u60 y versiones anteriores y Java SE Embedded 7u40 y versiones anteriores permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con Deployment, una vulnerabilidad diferente a CVE-2013-5787, CVE-2013-5789, CVE-2013-5824 y CVE-2013-5832. • http://marc.info/?l=bugtraq&m=138674031212883&w=2 http://marc.info/?l=bugtraq&m=138674073720143&w=2 http://osvdb.org/98543 http://rhn.redhat.com/errata/RHSA-2013-1440.html http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html http://www.securityfocus.com/bid/63130 https://access.redhat.com/errata/RHSA-2014:0414 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18983 https://access.redhat.com/security/cve/CVE-2013-5852 •
CVE-2013-5851 – OpenJDK: XML stream factory finder information leak (JAXP, 8013502)
https://notcve.org/view.php?id=CVE-2013-5851
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP. Vulnerabilidad no especificada en Oracle Java SE v7u40 y anteriores, y Java SE Embedded v7u40 y anteriores permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con JAXP. • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html http://osvdb.org/98558 http://rhn.redhat.com/errata/RHSA-2013-1440.html http://rhn.redhat.com/errata/RHSA-2013-1447.html http://rhn.redhat.com/errata/RHSA-2013-1451.html http://rhn.redhat.com/errata/RHSA-2013-1507.html http://rhn.redhat.com/errata/RHSA-2013-1 •