Tuesday Jul 16, 2013

CVE-2012-5621 Denial of Service (DoS) vulnerability in Ekiga

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2012-5621 | Denial of Service (DoS) vulnerability | 5.0 | Ekiga | Solaris 11.1 11.1.9.5.1 |

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on the Oracle Critical Patch Updates and Security Alerts page.

Multiple integer overflow vulnerabilities in GEGL

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2012-4433 | Numeric Errors vulnerability | 7.5 | GEGL (Generic Graphics Library) | Solaris 11.1 11.1.9.5.1 |

CVE-2013-1416 Denial of Service (DoS) vulnerability in Kerberos

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2013-1416 | Denial of Service (DoS) vulnerability | 4.0 | Kerberos | Solaris 11.1 11.1.9.5.1 |

Multiple vulnerabilities in Apache HTTP Server

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2011-3607 | Numeric Errors vulnerability | 4.4 | Apache HTTP Server | Solaris 10 SPARC: 122911-32 X86: 122912-32 |
| | | | | Solaris 8 SPARC: 116973-10 X86: 116974-10 |
| | | | | Solaris 9 SPARC: 113146-16 X86: 114145-15 |
| CVE-2012-2687 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability | 2.6 | | |
| CVE-2012-3499 | Cross-site scripting (XSS) vulnerability | 4.3 | | |

CVE-2012-3374 Buffer Overflow vulnerability in Pidgin

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2012-3374 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability | 7.5 | Pidgin | Solaris 10 SPARC: 147992-06 X86: 147993-06 |
| | | | | Solaris 11.1 11.1 |

CVE-2012-6329 Code Injection vulnerability in Perl 5.8

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2012-6329 | Code Injection vulnerability | 7.5 | Perl 5.8 | Solaris 10 SPARC: 148561-05 X86: 148562-05 |
| | | | | Solaris 11.1 11.1.7.5.0 |

CVE-2012-0814 Credentials Management vulnerability in SSH

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2012-0814 | Credentials Management vulnerability | 3.5 | SSH | Solaris 10 SPARC: 148104-11 X86: 148105-11 |
| | | | | Solaris 11.1 11.1.7.5.0 |
| | | | | Solaris 9 SPARC: 122300-68 X86: 122301-68 |

CVE-2010-5107 Denial of Service vulnerability in SSH

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2010-5107 | Denial of Service vulnerability | 5.0 | SSH | Solaris 10 SPARC: 148104-11 X86: 148105-11 |
| | | | | Solaris 11.1 11.1.7.5.0 |
| | | | | Solaris 9 SPARC: 122300-68 X86: 122301-68 |

CVE-2013-0338 Denial of Service (DoS) vulnerability in libxml2

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2013-0338 | Denial of Service (DoS) vulnerability | 4.3 | libxml2 | Solaris 10 SPARC: 125731-10 X86: 125732-10 |
| | | | | Solaris 11.1 11.1.7.5.0 |
| | | | | Solaris 9 SPARC: 114014-30 X86: 114015-30 |

CVE-2012-2807 Numeric Errors vulnerability in libxslt

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2012-2807 | Numeric Errors vulnerability | 10.0 | libxslt | Solaris 9 SPARC: 114014-30 X86: 114015-30 |
| | | | | Solaris 10 SPARC: 125731-09 X86: 125732-09 |
| | | | | Solaris 11.1 11.1.5.5 |

About

This blog provides security vulnerability fix notifications relevant to third-party software components distributed and supported as part of Oracle products.
A summarized version of this blog is available as a mapping of CVEs and solutions.
