Tuesday Apr 15, 2014

Multiple symlink attack vulnerabilities in logilab-commons

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-1838 symlink attack vulnerability 4.4 logilab-commons
Solaris 11.1 11.1.18.5.0
CVE-2014-1839 symlink attack vulnerability 4.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2007-0227 Information Disclosure vulnerability in slocate

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2007-0227 Information Disclosure vulnerability 5.0 slocate
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-0015 Authentication Issues vulnerability in libcurl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0015 Authentication Issues vulnerability 4.0 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-4545 Cryptographic Issues vulnerability in libcurl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4545 Cryptographic Issues vulnerability 4.3 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-1944 Information Disclosure vulnerability in libcurl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1944 Information Disclosure vulnerability 5.0 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-2174 Buffer Errors vulnerability in libcurl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-2174 Buffer Errors vulnerability 6.8 libcurl
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-1833 Permissions, Privileges, and Access Controls vulnerability in Grails

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-1833 Permissions, Privileges, and Access Controls vulnerability 5.0 Grails
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2007-1859 Improper Authentication vulnerability in XScreenSaver

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2007-1859 Improper Authentication vulnerability 4.6 XScreenSaver
Solaris 10 SPARC: 120094-35 X86: 120095-35

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Buffer Errors vulnerabilities in FreeType

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5668 Buffer Errors vulnerability 4.3 FreeType
Solaris 10 SPARC: 119812-18 X86: 119813-20
Solaris 11.1 11.1.18.5.0
CVE-2012-5669 Buffer Errors vulnerability 4.3
CVE-2012-5670 Buffer Errors vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014 »
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today