Thursday Apr 17, 2014

CVE-2013-5211 Input Validation vulnerability in NTP

CVE Description CVSSv2 Base Score Component Product Resolution
CVE-2013-5211 Input Validation vulnerability 5.0 NTP V4 Solaris 11.1 11.1.13.6.0
Solaris 10 SPARC: 143725-02 X86: 143726-02
NTP V3 Solaris 10 Add noquery directive in ntp.conf
Solaris 9
Solaris 8

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Tuesday Apr 15, 2014

CVE-2013-4496 Credentials Management vulnerability in Samba

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4496 Credentials Management vulnerability 5.0 Samba
Solaris 10 Patches planned but not yet available
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-0092 Cryptographic Issues vulnerability in GnuTLS

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0092 Cryptographic Issues vulnerability 5.8 GnuTLS
Solaris 10 Patches planned but not yet available
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple symlink attack vulnerabilities in logilab-commons

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-1838 symlink attack vulnerability 4.4 logilab-commons
Solaris 11.1 11.1.18.5.0
CVE-2014-1839 symlink attack vulnerability 4.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2007-0227 Information Disclosure vulnerability in slocate

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2007-0227 Information Disclosure vulnerability 5.0 slocate
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-0015 Authentication Issues vulnerability in libcurl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0015 Authentication Issues vulnerability 4.0 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-4545 Cryptographic Issues vulnerability in libcurl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4545 Cryptographic Issues vulnerability 4.3 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-1944 Information Disclosure vulnerability in libcurl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1944 Information Disclosure vulnerability 5.0 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-2174 Buffer Errors vulnerability in libcurl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-2174 Buffer Errors vulnerability 6.8 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-1833 Permissions, Privileges, and Access Controls vulnerability in Grails

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-1833 Permissions, Privileges, and Access Controls vulnerability 5.0 Grails
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today