Описание
Security update for Java OpenJDK
Oracle Critical Patch Update Advisory - October 2014
Description:
A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities.
Find more information here: http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
Ссылки
- Link for SUSE-SU-2015:0336-1
- E-Mail link for SUSE-SU-2015:0336-1
- SUSE Security Ratings
- SUSE Bug 828665
- SUSE Bug 846999
- SUSE Bug 858818
- SUSE Bug 873873
- SUSE Bug 887530
- SUSE Bug 901242
- SUSE Bug 914041
- SUSE Bug 927591
- SUSE CVE CVE-2013-1500 page
- SUSE CVE CVE-2013-1571 page
- SUSE CVE CVE-2013-2407 page
- SUSE CVE CVE-2013-2412 page
- SUSE CVE CVE-2013-2443 page
- SUSE CVE CVE-2013-2444 page
- SUSE CVE CVE-2013-2445 page
- SUSE CVE CVE-2013-2446 page
- SUSE CVE CVE-2013-2447 page
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality and integrity via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to weak permissions for shared memory.
Затронутые продукты
Ссылки
- CVE-2013-1500
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc.
Затронутые продукты
Ссылки
- CVE-2013-1571
- SUSE Bug 824397
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."
Затронутые продукты
Ссылки
- CVE-2013-2407
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient indication of an SSL connection failure by JConsole, related to RMI connection dialog box.
Затронутые продукты
Ссылки
- CVE-2013-2412
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2452 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect "checking order" within the AccessControlContext class.
Затронутые продукты
Ссылки
- CVE-2013-2443
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not "properly manage and restrict certain resources related to the processing of fonts," possibly involving temporary files.
Затронутые продукты
Ссылки
- CVE-2013-2444
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "handling of memory allocation errors."
Затронутые продукты
Ссылки
- CVE-2013-2445
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly enforce access restrictions for CORBA output streams.
Затронутые продукты
Ссылки
- CVE-2013-2446
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to obtain a socket's local address via vectors involving inconsistencies between Socket.getLocalAddress and InetAddress.getLocalHost.
Затронутые продукты
Ссылки
- CVE-2013-2447
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes."
Затронутые продукты
Ссылки
- CVE-2013-2448
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to GnomeFileTypeDetector and a missing check for read permissions for a path.
Затронутые продукты
Ссылки
- CVE-2013-2449
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper handling of circular references in ObjectStreamClass.
Затронутые продукты
Ссылки
- CVE-2013-2450
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper enforcement of exclusive port binds when running on Windows, which allows attackers to bind to ports that are already in use.
Затронутые продукты
Ссылки
- CVE-2013-2451
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network address handling in virtual machine identifiers" and the lack of "unique and unpredictable IDs" in the java.rmi.dgc.VMID class.
Затронутые продукты
Ссылки
- CVE-2013-2452
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a missing check for "package access" by the MBeanServer Introspector.
Затронутые продукты
Ссылки
- CVE-2013-2453
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allows remote attackers to bypass the Java sandbox.
Затронутые продукты
Ссылки
- CVE-2013-2454
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2452. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect access checks by the (1) getEnclosingClass, (2) getEnclosingMethod, and (3) getEnclosingConstructor methods.
Затронутые продукты
Ссылки
- CVE-2013-2455
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper access checks for subclasses in the ObjectOutputStream class.
Затронутые продукты
Ссылки
- CVE-2013-2456
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect implementation of "certain class checks" that allows remote attackers to bypass intended class restrictions.
Затронутые продукты
Ссылки
- CVE-2013-2457
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via "an error related to method handles."
Затронутые продукты
Ссылки
- CVE-2013-2458
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "integer overflow checks."
Затронутые продукты
Ссылки
- CVE-2013-2459
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "insufficient access checks" in the tracing component.
Затронутые продукты
Ссылки
- CVE-2013-2460
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm."
Затронутые продукты
Ссылки
- CVE-2013-2461
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D.
Затронутые продукты
Ссылки
- CVE-2013-2463
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
Затронутые продукты
Ссылки
- CVE-2013-2465
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image layout verification" in 2D.
Затронутые продукты
Ссылки
- CVE-2013-2469
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing."
Затронутые продукты
Ссылки
- CVE-2013-2470
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks."
Затронутые продукты
Ссылки
- CVE-2013-2471
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D.
Затронутые продукты
Ссылки
- CVE-2013-2472
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.
Затронутые продукты
Ссылки
- CVE-2013-2473
- SUSE Bug 825624
- SUSE Bug 828665
- SUSE Bug 829212
- SUSE Bug 829708
Описание
Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2013-3829
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.
Затронутые продукты
Ссылки
- CVE-2013-4002
- SUSE Bug 829212
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier allows remote attackers to affect integrity via unknown vectors related to jhat.
Затронутые продукты
Ссылки
- CVE-2013-5772
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2013-5774
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Затронутые продукты
Ссылки
- CVE-2013-5778
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2013-5780
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Затронутые продукты
Ссылки
- CVE-2013-5782
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing.
Затронутые продукты
Ссылки
- CVE-2013-5783
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING.
Затронутые продукты
Ссылки
- CVE-2013-5784
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS.
Затронутые продукты
Ссылки
- CVE-2013-5790
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
Затронутые продукты
Ссылки
- CVE-2013-5797
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JGSS.
Затронутые продукты
Ссылки
- CVE-2013-5800
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP.
Затронутые продукты
Ссылки
- CVE-2013-5802
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS.
Затронутые продукты
Ссылки
- CVE-2013-5803
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc.
Затронутые продукты
Ссылки
- CVE-2013-5804
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5806.
Затронутые продукты
Ссылки
- CVE-2013-5805
- SUSE Bug 846177
- SUSE Bug 846999
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5805.
Затронутые продукты
Ссылки
- CVE-2013-5806
- SUSE Bug 846177
- SUSE Bug 846999
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5829.
Затронутые продукты
Ссылки
- CVE-2013-5809
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.
Затронутые продукты
Ссылки
- CVE-2013-5814
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI.
Затронутые продукты
Ссылки
- CVE-2013-5817
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS.
Затронутые продукты
Ссылки
- CVE-2013-5820
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
Затронутые продукты
Ссылки
- CVE-2013-5823
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP.
Затронутые продукты
Ссылки
- CVE-2013-5825
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5809.
Затронутые продукты
Ссылки
- CVE-2013-5829
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2013-5830
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2013-5840
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5850.
Затронутые продукты
Ссылки
- CVE-2013-5842
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.
Затронутые продукты
Ссылки
- CVE-2013-5849
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5842.
Затронутые продукты
Ссылки
- CVE-2013-5850
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.
Затронутые продукты
Ссылки
- CVE-2013-5851
- SUSE Bug 846177
- SUSE Bug 846999
- SUSE Bug 849212
- SUSE Bug 852367
Описание
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox.
Затронутые продукты
Ссылки
- CVE-2013-5878
- SUSE Bug 858818
- SUSE Bug 862064
Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an incorrect check for code permissions by CORBA stub factories.
Затронутые продукты
Ссылки
- CVE-2013-5884
- SUSE Bug 858818
- SUSE Bug 862064
Описание
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.
Затронутые продукты
Ссылки
- CVE-2013-5893
- SUSE Bug 858818
Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list.
Затронутые продукты
Ссылки
- CVE-2013-5896
- SUSE Bug 858818
- SUSE Bug 862064
Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.
Затронутые продукты
Ссылки
- CVE-2013-5907
- SUSE Bug 858818
- SUSE Bug 862064
Описание
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.
Затронутые продукты
Ссылки
- CVE-2013-5910
- SUSE Bug 858818
- SUSE Bug 862064
Описание
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
Затронутые продукты
Ссылки
- CVE-2013-6629
- SUSE Bug 850430
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
- SUSE Bug 880246
Описание
The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.
Затронутые продукты
Ссылки
- CVE-2013-6954
- SUSE Bug 856522
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.
Затронутые продукты
Ссылки
- CVE-2014-0368
- SUSE Bug 858818
- SUSE Bug 862064
Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox.
Затронутые продукты
Ссылки
- CVE-2014-0373
- SUSE Bug 858818
- SUSE Bug 862064
Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for "code permissions when creating document builder factories."
Затронутые продукты
Ссылки
- CVE-2014-0376
- SUSE Bug 858818
- SUSE Bug 862064
Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.
Затронутые продукты
Ссылки
- CVE-2014-0411
- SUSE Bug 858818
- SUSE Bug 862064
Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.
Затронутые продукты
Ссылки
- CVE-2014-0416
- SUSE Bug 858818
- SUSE Bug 862064
Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox.
Затронутые продукты
Ссылки
- CVE-2014-0422
- SUSE Bug 858818
- SUSE Bug 862064
Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.
Затронутые продукты
Ссылки
- CVE-2014-0423
- SUSE Bug 858818
- SUSE Bug 862064
Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
Затронутые продукты
Ссылки
- CVE-2014-0428
- SUSE Bug 858818
- SUSE Bug 862064
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Затронутые продукты
Ссылки
- CVE-2014-0429
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-0446
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-2412.
Затронутые продукты
Ссылки
- CVE-2014-0451
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423.
Затронутые продукты
Ссылки
- CVE-2014-0452
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
Затронутые продукты
Ссылки
- CVE-2014-0453
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
Затронутые продукты
Ссылки
- CVE-2014-0454
- SUSE Bug 873873
- SUSE Bug 877429
Описание
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402.
Затронутые продукты
Ссылки
- CVE-2014-0455
- SUSE Bug 873873
- SUSE Bug 877429
Описание
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2014-0456
- SUSE Bug 873872
- SUSE Bug 873873
Описание
Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-0457
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423.
Затронутые продукты
Ссылки
- CVE-2014-0458
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D.
Затронутые продукты
Ссылки
- CVE-2014-0459
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.
Затронутые продукты
Ссылки
- CVE-2014-0460
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-0461
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log.
Затронутые продукты
Ссылки
- CVE-2014-1876
- SUSE Bug 863305
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2014-2397
- SUSE Bug 873872
- SUSE Bug 873873
Описание
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
Затронутые продукты
Ссылки
- CVE-2014-2398
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-0455.
Затронутые продукты
Ссылки
- CVE-2014-2402
- SUSE Bug 873873
- SUSE Bug 877429
Описание
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via vectors related to JAXP.
Затронутые продукты
Ссылки
- CVE-2014-2403
- SUSE Bug 873872
- SUSE Bug 873873
Описание
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451.
Затронутые продукты
Ссылки
- CVE-2014-2412
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-2413
- SUSE Bug 873873
Описание
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB.
Затронутые продукты
Ссылки
- CVE-2014-2414
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Затронутые продукты
Ссылки
- CVE-2014-2421
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458.
Затронутые продукты
Ссылки
- CVE-2014-2423
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
Затронутые продукты
Ссылки
- CVE-2014-2427
- SUSE Bug 873872
- SUSE Bug 873873
- SUSE Bug 877429
- SUSE Bug 877430
Описание
Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations."
Затронутые продукты
Ссылки
- CVE-2014-2483
- SUSE Bug 887530
Описание
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2014-2490
- SUSE Bug 887530
Описание
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Затронутые продукты
Ссылки
- CVE-2014-3566
- SUSE Bug 1011293
- SUSE Bug 1031023
- SUSE Bug 901223
- SUSE Bug 901254
- SUSE Bug 901277
- SUSE Bug 901748
- SUSE Bug 901757
- SUSE Bug 901759
- SUSE Bug 901889
- SUSE Bug 901968
- SUSE Bug 902229
- SUSE Bug 902233
- SUSE Bug 902476
- SUSE Bug 903405
- SUSE Bug 903684
- SUSE Bug 904889
- SUSE Bug 905106
- SUSE Bug 914041
- SUSE Bug 994144
Описание
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4220.
Затронутые продукты
Ссылки
- CVE-2014-4208
- SUSE Bug 887530
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.
Затронутые продукты
Ссылки
- CVE-2014-4209
- SUSE Bug 887530
- SUSE Bug 891699
- SUSE Bug 891700
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2014-4216
- SUSE Bug 887530
Описание
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-4218
- SUSE Bug 887530
- SUSE Bug 891699
- SUSE Bug 891700
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2014-4219
- SUSE Bug 887530
- SUSE Bug 891699
- SUSE Bug 891700
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4208.
Затронутые продукты
Ссылки
- CVE-2014-4220
- SUSE Bug 887530
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-4221
- SUSE Bug 887530
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-2483.
Затронутые продукты
Ссылки
- CVE-2014-4223
- SUSE Bug 887530
Описание
Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Затронутые продукты
Ссылки
- CVE-2014-4227
- SUSE Bug 887530
- SUSE Bug 891700
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
Затронутые продукты
Ссылки
- CVE-2014-4244
- SUSE Bug 887530
- SUSE Bug 891699
- SUSE Bug 891700
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
Затронутые продукты
Ссылки
- CVE-2014-4247
- SUSE Bug 887530
Описание
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Security.
Затронутые продукты
Ссылки
- CVE-2014-4252
- SUSE Bug 887530
- SUSE Bug 891699
- SUSE Bug 891700
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-4262
- SUSE Bug 887530
- SUSE Bug 891699
- SUSE Bug 891700
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
Затронутые продукты
Ссылки
- CVE-2014-4263
- SUSE Bug 887530
- SUSE Bug 891699
- SUSE Bug 891700
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect availability via unknown vectors related to Security.
Затронутые продукты
Ссылки
- CVE-2014-4264
- SUSE Bug 887530
Описание
Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment.
Затронутые продукты
Ссылки
- CVE-2014-4265
- SUSE Bug 887530
- SUSE Bug 891700
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability.
Затронутые продукты
Ссылки
- CVE-2014-4266
- SUSE Bug 887530
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing.
Затронутые продукты
Ссылки
- CVE-2014-4268
- SUSE Bug 887530
- SUSE Bug 891699
- SUSE Bug 891700
- SUSE Bug 891701
Описание
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532.
Затронутые продукты
Ссылки
- CVE-2014-4288
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Затронутые продукты
Ссылки
- CVE-2014-6456
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
Затронутые продукты
Ссылки
- CVE-2014-6457
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Затронутые продукты
Ссылки
- CVE-2014-6458
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Internet Explorer, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Затронутые продукты
Ссылки
- CVE-2014-6466
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2014-6468
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
Описание
Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6527.
Затронутые продукты
Ссылки
- CVE-2014-6476
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 8u20 and JavaFX 2.2.65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Затронутые продукты
Ссылки
- CVE-2014-6485
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
Описание
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Затронутые продукты
Ссылки
- CVE-2014-6492
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532.
Затронутые продукты
Ссылки
- CVE-2014-6493
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-6502
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532.
Затронутые продукты
Ссылки
- CVE-2014-6503
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2014-6504
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
Описание
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-6506
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Затронутые продукты
Ссылки
- CVE-2014-6511
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-6512
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
Затронутые продукты
Ссылки
- CVE-2014-6513
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment.
Затронутые продукты
Ссылки
- CVE-2014-6515
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.
Затронутые продукты
Ссылки
- CVE-2014-6517
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
Описание
Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2014-6519
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
Описание
Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6476.
Затронутые продукты
Ссылки
- CVE-2014-6527
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-6531
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6503.
Затронутые продукты
Ссылки
- CVE-2014-6532
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-6549
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security.
Затронутые продукты
Ссылки
- CVE-2014-6558
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
- SUSE Bug 904889
Описание
Unspecified vulnerability in Oracle Java SE 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-6562
- SUSE Bug 901239
- SUSE Bug 901242
- SUSE Bug 901246
Описание
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591.
Затронутые продукты
Ссылки
- CVE-2014-6585
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2014-6587
- SUSE Bug 914041
Описание
Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.
Затронутые продукты
Ссылки
- CVE-2014-6591
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
Затронутые продукты
Ссылки
- CVE-2014-6593
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2014-6601
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2015-0383
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2015-0395
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Затронутые продукты
Ссылки
- CVE-2015-0400
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Затронутые продукты
Ссылки
- CVE-2015-0403
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment.
Затронутые продукты
Ссылки
- CVE-2015-0406
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing.
Затронутые продукты
Ссылки
- CVE-2015-0407
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.
Затронутые продукты
Ссылки
- CVE-2015-0408
- SUSE Bug 914041
Описание
Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.
Затронутые продукты
Ссылки
- CVE-2015-0410
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.
Затронутые продукты
Ссылки
- CVE-2015-0412
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to Serviceability.
Затронутые продукты
Ссылки
- CVE-2015-0413
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process.
Затронутые продукты
Ссылки
- CVE-2015-0421
- SUSE Bug 914041
Описание
Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2015-0437
- SUSE Bug 914041
Описание
Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Затронутые продукты
Ссылки
- CVE-2015-0458
- SUSE Bug 927591
Описание
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.
Затронутые продукты
Ссылки
- CVE-2015-0459
- SUSE Bug 927591
- SUSE Bug 932310
Описание
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Затронутые продукты
Ссылки
- CVE-2015-0460
- SUSE Bug 927591
Описание
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Затронутые продукты
Ссылки
- CVE-2015-0469
- SUSE Bug 927591
- SUSE Bug 932310
Описание
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans.
Затронутые продукты
Ссылки
- CVE-2015-0477
- SUSE Bug 927591
Описание
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.
Затронутые продукты
Ссылки
- CVE-2015-0478
- SUSE Bug 927591
- SUSE Bug 944456
Описание
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools.
Затронутые продукты
Ссылки
- CVE-2015-0480
- SUSE Bug 927591
Описание
Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492.
Затронутые продукты
Ссылки
- CVE-2015-0484
- SUSE Bug 927591
Описание
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE.
Затронутые продукты
Ссылки
- CVE-2015-0488
- SUSE Bug 927591
Описание
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.
Затронутые продукты
Ссылки
- CVE-2015-0491
- SUSE Bug 927591
- SUSE Bug 932310
Описание
Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484.
Затронутые продукты
Ссылки
- CVE-2015-0492
- SUSE Bug 927591