Tuesday Nov 20, 2012

CVE-2012-0698 Denial of Service (DoS) vulnerability in tcsd

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-0698 Denial of Service (DoS) vulnerability 5.0 tcsd
Solaris 11 11/11 SRU 13.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Wireshark

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-4285 Numeric Errors vulnerability 3.3 Wireshark
Solaris 11 11/11 SRU 13.4
CVE-2012-4286 Numeric Errors vulnerability 4.3
CVE-2012-4287 Resource Management Errors vulnerability 5.0
CVE-2012-4288 Numeric Errors vulnerability 3.3
CVE-2012-4289 Resource Management Errors vulnerability 3.3
CVE-2012-4290 Resource Management Errors vulnerability 3.3
CVE-2012-4291 Resource Management Errors vulnerability 3.3
CVE-2012-4292 Improper Input Validation vulnerability 3.3
CVE-2012-4293 Numeric Errors vulnerability 3.3
CVE-2012-4294 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 5.8
CVE-2012-4295 Denial of Service (DoS) vulnerability 3.3
CVE-2012-4296 Resource Management Errors vulnerability 3.3
CVE-2012-4297 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 8.3
CVE-2012-4298 Numeric Errors vulnerability 5.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-4339 Access Controls vulnerability in ipmitool

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-4339 Permissions, Privileges, and Access Controls vulnerability 3.6 ipmitool
Solaris 10 SPARC: 119764-07 X86: 119765-07
Solaris 11 11/11 SRU 13.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2008-3529 Buffer overflow vulnerability in libxml2

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2008-3529 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0 libxml2
Solaris 10 SPARC: 125731-07 X86: 125732-07
Solaris 9 SPARC: 114014-29 X86: 114015-29

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-0216 Denial of Service (DoS) vulnerability in libxml2

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-0216 Numeric Errors vulnerability 9.3 libxml2
Solaris 10 SPARC: 125731-07 X86: 125732-07
Solaris 11 11/11 SRU 10.5
Solaris 9 SPARC: 114014-29 X86: 114015-29

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-3102 Numeric Errors vulnerability in libxml2

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-3102 Numeric Errors vulnerability 10.0 libxml2
Solaris 9 SPARC: 114014-29 X86: 114015-29
Solaris 11 11/11 SRU 10.5
Solaris 10 SPARC : 125731-08 , x86 : 125732-08

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-0841 Denial of Service (DoS) vulnerability in libxml2

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-0841 Denial of Service (DoS) vulnerability 5.0 libxml2
Solaris 11 11/11 SRU 10.5
Solaris 10 SPARC: 125731-08 X86: 125732-08
Solaris 9 SPARC: 114014-29 X86: 114015-29

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Denial of Service (DoS) vulnerabilities in libxml2

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-3905 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 5.0 libxml2
Solaris 9 SPARC: 114014-29 X86: 114015-29
Solaris 10 SPARC: 125731-07 X86: 125732-07
Solaris 11 11/11 SRU 10.5
CVE-2011-3919 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 7.5

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Denial of Service (DoS) vulnerabilities in libxml2

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-2821 Resource Management Errors vulnerability 7.5 libxml2
Solaris 11 11/11 SRU 10.5
Solaris 9 SPARC: 114014-29 X86: 114015-29
Solaris 10 SPARC: 125731-07 X86: 125732-07
CVE-2011-2834 Resource Management Errors vulnerability 6.8

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-1944 Denial of Service (DoS) vulnerability in libxml2

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-1944 Numeric Errors vulnerability 9.3 libxml2
Solaris 10 SPARC: 125731-07 X86: 125732-07
Solaris 9 SPARC: 114014-29 X86: 114015-29

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Categories
Archives
« November 2012 »
SunMonTueWedThuFriSat
    
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
21
22
23
24
25
26
27
28
29
30
 
       
Today