Thursday May 22, 2014

Multiple vulnerabilities in Wireshark

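| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2014-2281 | Input Validation vulnerability | 4.3 | Wireshark | Solaris 11.1: 11.1.19.6.0 |
| CVE-2014-2282 | Buffer Errors vulnerability | 4.3 | Wireshark | Solaris 11.1: 11.1.19.6.0 |
| CVE-2014-2283 | Buffer Errors vulnerability | 4.3 | Wireshark | Solaris 11.1: 11.1.19.6.0 |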

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on the Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-4037 XSS vulnerability in Transmission

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2012-4037 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability | 2.6 | Transmission | Solaris 11.1: 11.1.19.6.0 |

Multiple vulnerabilities in Apache Tomcat

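| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2012-3544 | Input Validation vulnerability | 5.0 | Apache Tomcat | Solaris 10: Patches planned but not yet available; Solaris 11.1: 11.1.19.6.0 |
| CVE-2013-1571 | Insufficient Information vulnerability | 4.3 | Apache Tomcat | Solaris 10: Patches planned but not yet available; Solaris 11.1: 11.1.19.6.0 |
| CVE-2013-4286 | Input Validation vulnerability | 5.8 | Apache Tomcat | Solaris 10: Patches planned but not yet available; Solaris 11.1: 11.1.19.6.0 |
| CVE-2013-4322 | Input Validation vulnerability | 4.3 | Apache Tomcat | Solaris 10: Patches planned but not yet available; Solaris 11.1: 11.1.19.6.0 |
| CVE-2013-4590 | Information Disclosure vulnerability | 4.3 | Apache Tomcat | Solaris 10: Patches planned but not yet available; Solaris 11.1: 11.1.19.6.0 |
| CVE-2014-0033 | Input Validation vulnerability | 4.3 | Apache Tomcat | Solaris 10: Patches planned but not yet available; Solaris 11.1: 11.1.19.6.0 |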

CVE-2013-0200 Link Following vulnerability in HPLIP

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2013-0200 | Link Following vulnerability | 1.9 | HPLIP | Solaris 11.1: 11.1.19.6.0 |

CVE-2014-2270 Buffer Errors vulnerability in PHP

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2014-2270 | Buffer Errors vulnerability | 4.3 | PHP | Solaris 11.1: 11.1.19.6.0 |

CVE-2014-1943 Resource Management Errors vulnerability in PHP

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2014-1943 | Resource Management Errors vulnerability | 5.0 | PHP | Solaris 11.1: 11.1.19.6.0 |

Multiple Buffer Errors vulnerabilities in PHP

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2013-6420 | Buffer Errors vulnerability | 7.5 | PHP | Solaris 11.1: 11.1.19.6.0 |
| CVE-2013-6712 | Buffer Errors vulnerability | 5.0 | PHP | Solaris 11.1: 11.1.19.6.0 |

CVE-2013-4248 Input Validation vulnerability in PHP

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2013-4248 | Input Validation vulnerability | 4.3 | PHP | Solaris 11.1: 11.1.19.6.0 |

CVE-2013-4496 Credentials Management vulnerability in Samba

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2013-4496 | Credentials Management vulnerability | 5.0 | Samba | Solaris 10: SPARC 119757-32, X86 119758-32; Solaris 11.1: 11.1.18.5.0 |

CVE-2013-4238 Input Validation vulnerability in Python

| CVE | Description | CVSSv2 Base Score | Component | Product and Resolution |
|---|---|---|---|---|
| CVE-2013-4238 | Input Validation vulnerability | 4.3 | Python | Solaris 10: SPARC 143506-07, X86 143507-07; Solaris 11.1: 11.1.12.5.0 |

About

This blog provides security vulnerability fix notifications relevant to third-party software components distributed and supported as part of Oracle products.
A summarized version of this blog is available as a mapping of CVEs and solutions.
