Tuesday Oct 16, 2012

CVE-2012-3524 Permissions, Privileges, and Access Controls vulnerability in libdbus

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3524 Permissions, Privileges, and Access Controls vulnerability 6.9 libdbus
Solaris 11 11/11 SRU 12.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-4128 Buffer Overflow vulnerability in gnutls

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-4128 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 4.3 gnutls
Solaris 11 11/11 SRU 12.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in fetchmail

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-3389 Improper Input Validation vulnerability 4.3 fetchmail
Solaris 11 11/11 SRU 12.4
CVE-2012-3482 Denial of Service vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-3461 Denial of Service vulnerability in libotr

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3461 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 4.3 libotr
Solaris 11 11/11 SRU 12.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2009-2260 Information Exposure vulnerability in Stardict

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2009-2260 Information Exposure vulnerability 5.0 Stardict
Solaris 11 11/11 SRU 12.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-1182 Arbitrary code execution vulnerability in Samba

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-1182 Arbitrary code execution vulnerability 10 Samba
Solaris 10 SPARC: 119757-22 x86: 119758-22
Solaris 11 11/11 SRU 7.5
Solaris 9 SPARC: 114684-18 x86: 114685-18

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-5035 Denial of service (DoS) vulnerability in Oracle Virtual Desktop Infrastructure (VDI)

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-5035 Denial of service (DoS) vulnerability 5.0 Apache Tomcat
VDI 3.3 Linux Solaris
VDI 3.2 Solaris

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-0719 Denial of Service (DoS) vulnerability in Samba

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-0719 Denial of Service (DoS) vulnerability 5.0 Samba
Solaris 10 SPARC: 119757-20 x86: 119758-20
Solaris 9 SPARC: 114684-18 x86: 114685-18

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« October 2012 »
SunMonTueWedThuFriSat
 
1
2
3
4
5
6
7
8
10
11
12
13
14
15
17
18
19
20
21
22
24
25
26
27
28
29
31
   
       
Today