Thursday Apr 17, 2014

CVE-2013-5211 Input Validation vulnerability in NTP

By Ritwik Ghoshal on Apr 17, 2014

CVE Description CVSSv2 Base Score Component Product Resolution
CVE-2013-5211 Input Validation vulnerability 5.0 NTP V4 Solaris 11.1 11.1.13.6.0
Solaris 10 SPARC: 143725-02 X86: 143726-02
NTP V3 Solaris 10 Add noquery directive in ntp.conf
Solaris 9
Solaris 8

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Category: Alerts

Tags: none

Permanent link to this entry | Comments [0]

Tuesday Apr 15, 2014

CVE-2013-4496 Credentials Management vulnerability in Samba

By Ritwik Ghoshal on Apr 15, 2014

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4496 Credentials Management vulnerability 5.0 Samba
Solaris 10 Patches planned but not yet available
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Category: Alerts

Tags: none

Permanent link to this entry | Comments [0]

CVE-2014-0092 Cryptographic Issues vulnerability in GnuTLS

By Ritwik Ghoshal on Apr 15, 2014

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0092 Cryptographic Issues vulnerability 5.8 GnuTLS
Solaris 10 Patches planned but not yet available
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Category: Alerts

Tags: none

Permanent link to this entry | Comments [0]

Multiple symlink attack vulnerabilities in logilab-commons

By Ritwik Ghoshal on Apr 15, 2014

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-1838 symlink attack vulnerability 4.4 logilab-commons
Solaris 11.1 11.1.18.5.0
CVE-2014-1839 symlink attack vulnerability 4.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Category: Alerts

Tags: none

Permanent link to this entry | Comments [0]

CVE-2007-0227 Information Disclosure vulnerability in slocate

By Ritwik Ghoshal on Apr 15, 2014

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2007-0227 Information Disclosure vulnerability 5.0 slocate
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Category: Alerts

Tags: none

Permanent link to this entry | Comments [0]

CVE-2014-0015 Authentication Issues vulnerability in libcurl

By Ritwik Ghoshal on Apr 15, 2014

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0015 Authentication Issues vulnerability 4.0 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Category: Alerts

Tags: none

Permanent link to this entry | Comments [0]

CVE-2013-4545 Cryptographic Issues vulnerability in libcurl

By Ritwik Ghoshal on Apr 15, 2014

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4545 Cryptographic Issues vulnerability 4.3 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Category: Alerts

Tags: none

Permanent link to this entry | Comments [0]

CVE-2013-1944 Information Disclosure vulnerability in libcurl

By Ritwik Ghoshal on Apr 15, 2014

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1944 Information Disclosure vulnerability 5.0 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Category: Alerts

Tags: none

Permanent link to this entry | Comments [0]

CVE-2013-2174 Buffer Errors vulnerability in libcurl

By Ritwik Ghoshal on Apr 15, 2014

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-2174 Buffer Errors vulnerability 6.8 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Category: Alerts

Tags: none

Permanent link to this entry | Comments [0]

CVE-2012-1833 Permissions, Privileges, and Access Controls vulnerability in Grails

By Ritwik Ghoshal on Apr 15, 2014

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-1833 Permissions, Privileges, and Access Controls vulnerability 5.0 Grails
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Category: Alerts

Tags: none

Permanent link to this entry | Comments [0]

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today