EMC M&R (Watch4Net) suffers from heap overflow, remote file upload, insecure cryptographic storage, cross site scripting, ntp-related, java-related, and path traversal vulnerabilities.
7adceeb57a3368887bb1d10e104821dd7f027effb3815bf97aaaae498b047491HP Security Bulletin HPSBUX03218 SSRT101770 1 - Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.
94ebf6c705c710f905d053f25be0e44fcdc1195480870f11c988e8209853cf74Debian Linux Security Advisory 3080-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.
c4e7cdd0bd1e5a071af57287aa0313a992085bc58105154e911275c7c49ee5eeDebian Linux Security Advisory 3077-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.
62c0314467aa2c9895f33a70b2c2b807f397a7842f9458256402276ac4e2ab97Mandriva Linux Security Advisory 2014-209 - Multiple vulnerabilities has been discovered and corrected in java-1.7.0-openjdk. The updated packages provides a solution for these security issues.
89ada4715362388984529bf817915d8424e6bd940d71e8b056eab22a0cbab21bUbuntu Security Notice 2388-1 - A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. Various other issues were also addressed.
e0eb566de7e39ffdb026c018c7a44ee54cef451df75e5535fcaeed0492f8515eUbuntu Security Notice 2388-2 - USN-2388-1 fixed vulnerabilities in OpenJDK 7 for Ubuntu 14.04 LTS. This update provides the corresponding updates for Ubuntu 14.10. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. Various other issues were also addressed.
4693a6bd44cd1e3723cd23fa1afcd9712920e3f66c3e4cc92286cfc16b6dacfeUbuntu Security Notice 2386-1 - A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. CVE-2014-6531) Various other issues were also addressed.
27516fbfd3750f2c8ef45e526f6e9b25fa9a981360faaca853fc7f641418c225Red Hat Security Advisory 2014-1658-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section.
74b34328e206bb3ad082c05fff6d4e9b00b70ae5ff34acd205d0fe4dab6419bbRed Hat Security Advisory 2014-1657-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section.
28be6a9b543d73b1ba4ad3c71920043df3d3709d7b4226afe1d43d157a769f7fRed Hat Security Advisory 2014-1636-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. It was discovered that the Libraries component in OpenJDK failed to properly handle ZIP archives that contain entries with a NUL byte used in the file names. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions.
0e4e99699e8366da4b4ef5c7f4a8d7d98e03c00aff69d7ac28b7fec1c3a3e2a0Red Hat Security Advisory 2014-1634-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. It was discovered that the StAX XML parser in the JAXP component in OpenJDK performed expansion of external parameter entities even when external entity substitution was disabled. A remote attacker could use this flaw to perform XML eXternal Entity attack against applications using the StAX parser to parse untrusted XML documents.
ff889b003b294350056f06337bcc49df675acd480cfe9adebf5926206260a7ccRed Hat Security Advisory 2014-1620-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. It was discovered that the StAX XML parser in the JAXP component in OpenJDK performed expansion of external parameter entities even when external entity substitution was disabled. A remote attacker could use this flaw to perform XML eXternal Entity attack against applications using the StAX parser to parse untrusted XML documents.
e42b953beb5349a59d8789d82e00888eadc63967a980ca64c3607073df9c6497Red Hat Security Advisory 2014-1633-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. It was discovered that the StAX XML parser in the JAXP component in OpenJDK performed expansion of external parameter entities even when external entity substitution was disabled. A remote attacker could use this flaw to perform XML eXternal Entity attack against applications using the StAX parser to parse untrusted XML documents.
dbe571c9220e78db49cf806a2546d176a1421fbc369806f3d7a8123e1702ca85
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed