Tuesday Dec 17, 2013

Multiple Buffer Errors vulnerability in LibTIFF

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1960 Buffer Errors vulnerability 9.3 LibTIFF
Solaris 11.1 11.1.14.5.0
CVE-2013-1961 Buffer Errors vulnerability 9.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-4564 Design Error vulnerability in LibTIFF

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-4564 Design Error vulnerability 6.8 LibTIFF
Solaris 11.1 11.1.14.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Cryptographic Issues vulnerabilities in Ruby

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4287 Cryptographic Issues vulnerability 4.3 Ruby
Solaris 11.1 11.1.14.5.0
CVE-2013-4363 Cryptographic Issues vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Wireshark

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-6336 Input Validation vulnerability 4.3 Wireshark
Solaris 11.1 11.1.14.5.0
CVE-2013-6337 Insufficient Information vulnerability 4.3
CVE-2013-6338 Input Validation vulnerability 4.3
CVE-2013-6339 Input Validation vulnerability 4.3
CVE-2013-6340 Input Validation vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Tuesday Dec 10, 2013

Multiple vulnerabilities in Wireshark

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-5717 Input Validation vulnerability 4.3 Wireshark
Solaris 11.1 11.1.13.6.0
CVE-2013-5718 Permissions, Privileges, and Access Control vulnerability 4.3
CVE-2013-5719 Resource Management Errors vulnerability 4.3
CVE-2013-5720 Buffer Errors vulnerability 5.0
CVE-2013-5721 Input Validation vulnerability 4.3
CVE-2013-5722 Insufficient Information vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« December 2013 »
SunMonTueWedThuFriSat
1
2
3
4
5
6
7
8
9
11
12
13
14
15
16
18
19
20
21
22
23
24
25
26
27
28
29
30
31
    
       
Today