Tuesday Apr 15, 2014

CVE-2013-4242 Information Disclosure vulnerability in libgcrypt

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4242 Information Disclosure vulnerability 1.9 libgcrypt
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-0591 Buffer Errors vulnerability in Bind

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0591 Buffer Errors vulnerability 2.6 Bind
Solaris 10 SPARC: 119783-28 X86: 119784-28
Solaris 11.1 11.1.16.5.0
Solaris 9 SPARC: 112837-30 X86: 114265-29

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2007-1859 Improper Authentication vulnerability in XScreenSaver

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2007-1859 Improper Authentication vulnerability 4.6 XScreenSaver
Solaris 10 SPARC: 120094-35 X86: 120095-35

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Buffer Errors vulnerabilities in FreeType

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5668 Buffer Errors vulnerability 4.3 FreeType
Solaris 10 SPARC: 119812-18 X86: 119813-20
Solaris 11.1 11.1.18.5.0
CVE-2012-5669 Buffer Errors vulnerability 4.3
CVE-2012-5670 Buffer Errors vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Tuesday Apr 01, 2014

Multiple vulnerabilities in PHP

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1635 Permissions, Privileges, and Access Control vulnerability 7.5 PHP
Solaris 11.1 11.1.17.5.0
CVE-2013-1643 Information Disclosure vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-4113 Buffer Errors vulnerability in PHP

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4113 Buffer Errors vulnerability 6.8 PHP
Solaris 11.1 11.1.17.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in PHP

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-4718 Permissions, Privileges, and Access Control vulnerability 6.8 PHP
Solaris 11.1 11.1.17.5.0
CVE-2013-2110 Buffer Errors vulnerability 5.0
CVE-2013-4113 Buffer Errors vulnerability 6.8
CVE-2013-4248 Input Validation vulnerability 4.3
CVE-2013-4635 Numeric Errors vulnerability 5.0
CVE-2013-4636 Input Validation vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in PHP

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-2688 Unspecified vulnerability 10.0 PHP
Solaris 11.1 11.1.17.5.0
CVE-2012-3365 Permissions, Privileges, and Access Controls vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Memcached

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-0179 Buffer Errors vulnerability 1.8 Memcached
Solaris 11.1 11.1.17.5.0
CVE-2013-7239 Authentication Issues vulnerability 4.8
CVE-2013-7290 Buffer Errors vulnerability 1.8
CVE-2013-7291 Buffer Errors vulnerability 1.8

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-2469 Denial of Service(DoS) vulnerability in Lighthttpd

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-2469 Denial of Service(DoS) vulnerability 5.0 Lighthttpd
Solaris 11.1 11.1.17.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today