Tuesday Jan 14, 2014

CVE-2009-0179 Denial of Service(DoS) vulnerability in Libmikmod

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2009-0179 Denial of Service(DoS) vulnerability 4.3 Libmikmod
Solaris 11.1 11.1.15.4.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Buffer Errors vulnerability in LibProxy

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-4504 Buffer Errors vulnerability 10.0 LibProxy
Solaris 11.1 11.1.15.4.0
CVE-2012-4505 Buffer Errors vulnerability 10.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-4232 Resource Management Errors vulnerability in LibTIFF

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4232 Resource Management Errors vulnerability 6.8 LibTIFF
Solaris 11.1 11.1.15.4.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-4231 Buffer overflow vulnerability in LibTIFF

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4231 Buffer overflow vulnerability 4.3 LibTIFF
Solaris 11.1 11.1.15.4.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-4123 Input Validation vulnerability in Squid

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4123 Input Validation vulnerability 5.0 Squid
Solaris 11.1 11.1.15.4.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Ruby

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4164 Buffer Errors vulnerability 6.8 Ruby
Solaris 11.1 11.1.15.4.0
CVE-2013-4287 Cryptographic Issues vulnerability 4.3
CVE-2013-4363 Cryptographic Issues vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-0870 Buffer overflow vulnerability in Samba

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-0870 Buffer overflow vulnerability 7.9 Samba
Solaris 9 SPARC: 114684-19 X86: 114685-19

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-4475 Access control vulnerability in Samba

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4475 Permissions, Privileges, and Access Control vulnerability 4.0 Samba
Solaris 10 SPARC: 119757-30 X86: 119758-30
Solaris 11.1 11.1.14.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-6139 Denial of Service (DoS) vulnerability in LibXSLT

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-6139 Denial of Service (DoS) vulnerability 5.0 libxslt
Solaris 10 SPARC: 125731-11 X86: 125732-11
Solaris 11.1 11.1.11.4.0
Solaris 9 SPARC: 114014-32 X86: 114015-32

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in libxslt

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-1202 Information Disclosure vulnerability 5.0 libxslt
Solaris 10 SPARC: 125731-09 X86: 125732-09
Solaris 11.1 11.1.4.5
Solaris 9 SPARC: 114014-32 X86: 114015-32
CVE-2012-2825 Improper Input Validation vulnerability 5.0
CVE-2012-2870 Resource Management Errors vulnerability 4.3
CVE-2012-2871 Denial of service (DoS) vulnerability 6.8
CVE-2012-2893 Resource Management Errors vulnerability 6.8

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« January 2014 »
SunMonTueWedThuFriSat
   
1
3
4
5
6
7
8
9
10
11
12
13
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
       
Today