Wednesday Jun 19, 2013

CVE-2012-1573 Denial of Service vulnerability in gnutls

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-1573 Cryptographic Issues vulnerability 5.0 gnutls
Solaris 11.1 11.1.8.4.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Tuesday Jun 18, 2013

Multiple vulnerabilities in Squid

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5643 Input Validation vulnerability 5.0 Squid
Solaris 11.1 11.1.8.4.0
CVE-2013-0189 Buffer Errors vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Tuesday Jun 11, 2013

Lucky Thirteen vulnerability in Sun QFS and Sun Storage Archive Manager OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-0166 Cryptographic Issues vulnerability 5.0 OpenSSL
Sun QFS and Sun Storage Archive Manager 5.3 16425062
Sun QFS and Sun Storage Archive Manager 5.2 Patches planned but not yet available
Sun QFS and Sun Storage Archive Manager 5.1 Patches planned but not yet available
CVE-2013-0169 Cryptographic Issues vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Permissions, Privileges, and Access Control vulnerabilities in Sudo

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1775 Permissions, Privileges, and Access Control vulnerability 6.9 Sudo
Solaris 11.1 11.1.7.5.0
Solaris 10 SPARC: 16920591 X86: 16920595
CVE-2013-1776 Permissions, Privileges, and Access Control vulnerability 4.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Tuesday Jun 04, 2013

Multiple vulnerabilities in Apache HTTP server

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3499 Cross-Site Scripting vulnerability 4.3 Apache HTTP server
Solaris 10 SPARC: 120543-31 X86: 120544-31
Solaris 11.1 11.1.7.5.0
CVE-2012-4558 Cross-Site Scripting vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« June 2013 »
SunMonTueWedThuFriSat
      
1
2
3
5
6
7
8
9
10
12
13
14
15
16
17
20
21
22
23
24
25
26
27
28
29
30
      
Today