Wednesday Apr 04, 2012

CVE-2011-4576 Information Disclosure vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-4576 Information Disclosure vulnerability 5.0 OpenSSL
Solaris 10 SPARC: 147707-03 X86: 146672-04

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-0050 Denial of Service (DoS) vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-0050 Denial of Service (DoS) vulnerability 5.0 OpenSSL
Solaris 11 11/11 SRU 4a

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-4108 Cryptographic Issues vulnerability 4.3 OpenSSL
Solaris 11 11/11 SRU 4a
CVE-2011-4109 Unspecified vulnerability 9.3
CVE-2011-4576 Information Disclosure vulnerability 5.0
CVE-2011-4577 Denial of Service (DoS) vulnerability 4.3
CVE-2011-4619 Denial of Service (DoS) vulnerability 5.0
CVE-2012-0027 Denial of Service (DoS) vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Vulnerabilities in Thunderbird

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-3648 Cross-site scripting (XSS) vulnerability 4.3 Thunderbird
Solaris 11 11/11 SRU 04
CVE-2011-3650 Denial of Service(DoS) vulnerability 9.3
CVE-2011-3651 Denial of Service(DoS) vulnerability 10.0
CVE-2011-3652 Denial of Service(DoS) vulnerability 10.0
CVE-2011-3654 Denial of Service(DoS) vulnerability 10.0
CVE-2011-3655 Access Control vulnerability 9.3

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-3375 Information Disclosure vulnerability in Apache Tomcat

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-3375 Information Exposure vulnerability 5.0 Apache Tomcat
Solaris 11 11/11 SRU 04

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Denial of Service vulnerabilities in Wireshark

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-0041 Denial of Service(DoS) vulnerability 1.9 Wireshark
Solaris 11 11/11 SRU 04
CVE-2012-0042 Denial of Service(DoS) vulnerability 2.9
CVE-2012-0043 Buffer Overflow vulnerability 5.4
CVE-2012-0066 Denial of Service(DoS) vulnerability 1.9
CVE-2012-0067 Denial of Service(DoS) vulnerability 1.9
CVE-2012-0068 Buffer Overflow vulnerability 4.4

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-4539 Denial of Service vulnerability in ISC DHCP

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-4539 Denial of Service vulnerability 5.0 ISC DHCP
Solaris 11 11/11 SRU 04

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-3389 Vulnerability in NSS library affects Oracle iPlanet Web Proxy Server

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-3389 Unauthorized information disclosure vulnerability 4.3 NSS
Oracle iPlanet Web Proxy Server 4.0 SPARC: 145604-04 X86: 145606-04 Linux: 145605-04 Windows: 145607-04

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-4862 Buffer Overflow vulnerability in Telnet

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-4862 Buffer Overflow vulnerability 7.5 Telnet
Solaris 10 SPARC: 148657-01 X86: 148658-01
Solaris 11 11/11 SRU 04

This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.
Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Thunderbird

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-2372 Permissions, Privileges, and Access Controls vulnerability 3.5 Thunderbird
Solaris 11 11/11 SRU 2
CVE-2011-2995 Denial Of Service (DoS) vulnerability 10.0
CVE-2011-2997 Denial Of Service (DoS) vulnerability 10.0
CVE-2011-2998 Denial Of Service (DoS) vulnerability 10.0
CVE-2011-2999 Permissions, Privileges, and Access Controls vulnerability 4.3
CVE-2011-3000 Improper Control of Generation of Code ('Code Injection') vulnerability 4.3
CVE-2011-3001 Permissions, Privileges, and Access Controls vulnerability 4.3
CVE-2011-3005 Denial Of Service (DoS) vulnerability 9.3
CVE-2011-3232 Improper Control of Generation of Code ('Code Injection') vulnerability 9.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2012 »
SunMonTueWedThuFriSat
1
2
3
6
7
8
9
10
11
12
13
14
15
16
18
19
21
22
23
24
25
26
27
28
29
30
     
       
Today