Tuesday Oct 09, 2012

Multiple vulnerabilities in Pidgin

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-2214 Resource Management Errors vulnerability 3.5 Pidgin
Solaris 10 SPARC : 147992-04 , x86 : 147993-04
Solaris 11 11/11 SRU 10.5
CVE-2012-2318 Improper Input Validation vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-3236 Buffer overflow vulnerability in Gimp

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3236 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 4.3 Gimp
Solaris 10 SPARC : 149106-01 , x86 : 149107-01
Solaris 11 11/11 SRU 11.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-2895 Buffer Overflow vulnerability in X.Org

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-2895 Buffer Overflow vulnerability 9.3 X.Org
Solaris 8 SPARC : 119067-12 , x86 : 119068-12
Solaris 10 SPARC: 125719-41 119059-60 X86: 119060-59 125720-51
Solaris 9 SPARC: 112785-66 X86: 112786-55

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in PostgreSQL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3488 Permissions, Privileges, and Access Controls vulnerability 5.8 PostgreSQL
Solaris 10 SPARC : 138822-11 , 138824-11 , 138826-11 x86 : 138823-11 , 138825-11 , 138827-11
CVE-2012-3489 Improper Input Validation vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« October 2012 »
SunMonTueWedThuFriSat
 
1
2
3
4
5
6
7
8
10
11
12
13
14
15
17
18
19
20
21
22
24
25
26
27
28
29
31
   
       
Today