Tuesday Oct 15, 2013

CVE-2013-4238 Input Validation vulnerability in Python

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4238 Input Validation vulnerability 4.3 Python
Solaris 11.1 11.1.12.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-5667 Heap Buffer Overflow vulnerability in GNU Grep

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5667 Heap Buffer Overflow vulnerability 4.4 GNU Grep
Solaris 10 SPARC: 149067-01 X86: 149068-01
Solaris 11.1 11.1.7.5.0
Solaris 9 SPARC: 149069-01 114014-31 X86: 114015-31 149070-01

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-5526 Configuration vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5526 Configuration vulnerability 5.0 Perl 5.8
Solaris 11.1 11.1.11.4.0
Solaris 10 SPARC: 148561-06 X86: 148562-06

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Perl 5.8

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2004-0452 Race condition vulnerability 2.6 Perl 5.8
Solaris 10 SPARC: 148561-06 X86: 148562-06
Solaris 11.1 11.1.11.4.0
CVE-2005-0156 Buffer overflow vulnerability 2.1
CVE-2005-0448 Race condition vulnerability 1.2
CVE-2005-4278 Untrusted search path vulnerability 7.2
CVE-2010-1158 Numeric Errors vulnerability 5.0
CVE-2011-2939 Numeric Errors vulnerability 5.1

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-1896 Denial of Service (DoS) vulnerability in Apache HTTP Server

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1896 Permissions, Privileges, and Access Control 4.3 Apache HTTP Server
Solaris 10 SPARC: 120543-32 X86: 120544-32
Solaris 11.1 11.1.11.4.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Apache HTTP Server

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3499 Cross-Site Scripting (XSS) vulnerability 4.3 Apache HTTP Server
Solaris 10 SPARC: 120543-32 X86: 120544-32
Solaris 11.1 11.1.11.4.0
CVE-2013-1862 Cryptographic Issues vulnerability 5.1

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« October 2013 »
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
16
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today