Wednesday Apr 04, 2012

CVE-2009-2042 Information Exposure vulnerability in libpng

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2009-2042 Information Exposure vulnerability 4.3 PNG reference library (libpng)
Solaris 10 SPARC: 137080-04 X86: 137081-04
Solaris 9 SPARC: 139382-03 X86: 139383-03
Solaris 8 SPARC: 114816-04 X86: 114817-04

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Denial of Service vulnerabilities in libpng

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2007-5266 Denial of Service (DoS) vulnerability 4.3 PNG reference library (libpng)
Solaris 10 SPARC: 137080-03 X86: 137081-03
Solaris 9 SPARC: 139382-02 114822-06 X86: 139383-02
Solaris 8 SPARC: 114816-04 X86: 114817-04
CVE-2007-5267 Denial of Service (DoS) vulnerability 4.3
CVE-2007-5268 Denial of Service (DoS) vulnerability 4.3
CVE-2007-5269 Denial of Service (DoS) vulnerability 5.0
CVE-2008-1382 Denial of Service (DoS) vulnerability 7.5
CVE-2008-3964 Denial of Service (DoS) vulnerability 4.3
CVE-2009-0040 Denial of Service (DoS) vulnerability 6.8

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Denial of Service vulnerabilities in Quagga

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-3323 Denial of Service (DoS) vulnerability 5.0 Quagga
Solaris 10 SPARC: 126206-09 X86: 126207-09
Solaris 11 11/11 SRU 4
CVE-2011-3324 Denial of Service (DoS) vulnerability 5.0
CVE-2011-3325 Denial of Service (DoS) vulnerability 5.0
CVE-2011-3326 Denial of Service (DoS) vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Denial of Service vulnerabilities in Quagga

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2007-4826 Denial of Service (DoS) vulnerability 3.5 Quagga
Solaris 10 SPARC: 126206-09 X86: 126207-09
Solaris 11 11/11 SRU 4
CVE-2009-1572 Denial of Service (DoS) vulnerability 5.0
CVE-2010-1674 Denial of Service (DoS) vulnerability 5.0
CVE-2010-1675 Denial of Service (DoS) vulnerability 5.0
CVE-2010-2948 Denial of Service (DoS) vulnerability 6.5
CVE-2010-2949 Denial of Service (DoS) vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Ghostscript

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2009-4270 Denial of Service (DoS) vulnerability 9.3 Ghostscript
Solaris 10 SPARC: 122259-05 X86: 122260-05
CVE-2010-1628 Memory Corruption vulnerability 9.3
CVE-2010-1869 Buffer Overflow vulnerability 9.3
CVE-2010-2055 Arbitrary Code Execution vulnerability 7.2

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Denial of Service vulnerabilities in Ghostscript

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2009-4270 Denial of Service (DoS) vulnerability 9.3 Ghostscript
Solaris 10 SPARC: 122259-05 X86: 122260-05
CVE-2010-4054 Denial of Service (DoS) vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2009-5022 Buffer Overflow vulnerability in LibTIFF

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2009-5022 Buffer Overflow vulnerability 6.8 LibTIFF
Solaris 8 SPARC: 139093-03 X86: 139094-03
Solaris 9 SPARC: 125673-05 X86: 125674-05
Solaris 10 SPARC: 119900-13 X86: 119901-12

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in LibTIFF

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2010-2595 Denial of Service (DoS) vulnerability 4.3 LibTIFF
Solaris 10 SPARC: 119900-13 X86: 119901-12
CVE-2010-4665 Denial of Service (DoS) vulnerability 4.3
CVE-2011-0192 Denial of Service (DoS) vulnerability 9.3
CVE-2011-1167 Buffer Overflow vulnerability 6.8

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2010-4665 Denial of Service (DoS) vulnerability in LibTIFF

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2010-4665 Denial of Service (DoS) vulnerability 4.3 LibTIFF
Solaris 9 SPARC: 125673-05 X86: 125674-05
Solaris 8 SPARC: 139093-03 X86: 139094-03

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-4619 Denial of Service (DoS) vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-4619 Denial of Service (DoS) vulnerability 5.0 OpenSSL
Solaris 10 SPARC: 147707-03 X86: 146672-04

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Categories
Archives
« April 2012 »
SunMonTueWedThuFriSat
1
2
3
6
7
8
9
10
11
12
13
14
15
16
18
19
21
22
23
24
25
26
27
28
29
30
     
       
Today