Friday Oct 18, 2013

Multiple vulnerabilities in Firefox

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3982 Denial of service (DoS) vulnerability 10.0 Firefox
Solaris 10 SPARC: 145080-13 X86: 145081-12
CVE-2012-3983 Denial of service (DoS) vulnerability 10.0
CVE-2012-3986 Permissions, Privileges, and Access Controls vulnerability 6.4
CVE-2012-3988 Resource Management Errors vulnerability 9.3
CVE-2012-3990 Resource Management Errors vulnerability 10.0
CVE-2012-3991 Permissions, Privileges, and Access Controls vulnerability 9.3
CVE-2012-3992 Permissions, Privileges, and Access Controls vulnerability 5.8
CVE-2012-3993 Design Error vulnerability 9.3
CVE-2012-3994 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3
CVE-2012-3995 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4179 Resource Management Errors vulnerability 10.0
CVE-2012-4180 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4181 Resource Management Errors vulnerability 10.0
CVE-2012-4182 Resource Management Errors vulnerability 10.0
CVE-2012-4183 Resource Management Errors vulnerability 10.0
CVE-2012-4184 Permissions, Privileges, and Access Controls vulnerability 9.3
CVE-2012-4185 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4186 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4187 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4188 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-4192 Permissions, Privileges, and Access Controls vulnerability 4.3
CVE-2012-4193 Design Error vulnerability 9.3
CVE-2012-4194 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3
CVE-2012-4195 Permissions, Privileges, and Access Controls vulnerability 5.1
CVE-2012-4196 Permissions, Privileges, and Access Controls vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Note: Solaris 10 patches SPARC: 145080-13 X86: 145081-12 contain the fix for all CVEs between Firefox version 10.0.7 and 10.0.12.

Thursday Oct 17, 2013

CVE-2012-6329 Code Injection vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-6329 Code Injection vulnerability 7.5 Perl 5.12
Solaris 11.1 11.1.7.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-5195 Buffer Errors vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5195 Buffer Errors vulnerability 7.5 Perl 5.8
Solaris 10 SPARC: 148561-06 X86: 148562-06
Solaris 11.1 11.1.11.4.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2010-2761 Code Injection Vulnerability in perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2010-2761 Improper Control of Generation of Code ('Code Injection') vulnerability 4.3 Perl 5.6
Solaris 10 SPARC : 146032-05 x86 : 146033-05
Solaris 9 SPARC : 119449-03 , x86 : 119450-04

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-3597 Improper Input Validation vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-3597 Improper Input Validation vulnerability 7.5 Perl 5.8
Solaris 10 SPARC: 146032-04 X86: 146033-04
Solaris 11 11/11 SRU 9.5

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-5195 Heap Buffer Overrun vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5195 Heap Buffer Overrun vulnerability 5.1 Perl 5.12
Solaris 11.1 11.1.7.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-5526 Configuration vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5526 Configuration vulnerability 5.0 Perl 5.12
Solaris 11.1 11.1.7.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2010-2761, CVE-2010-4411 Vulnerabilities in CGI.pm Perl Module in Solaris 10

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2010-2761 Failure to Control Generation of Code ('Code Injection') vulnerability 4.3 Perl 5.8
Solaris 10 SPARC: 141552-04 X86: 141553-04
CVE-2010-4411 Unspecified vulnerability in CGI.pm 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-2728 Denial of Service (DoS) vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-2728 Denial of Service (DoS) vulnerability 4.3 Perl 5.6
Solaris 10 SPARC: 146032-03 X86: 146033-03
Solaris 9 Patches planned but not yet available

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2011-2728 Denial of Service Vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-2728 Denial of Service Vulnerability 4.3 Perl 5.8
Solaris 10 SPARC: 146032-03 X86: 146033-03
Solaris 11 11/11 SRU 3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« October 2013 »
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
16
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today