Thursday Jul 31, 2014

CVE-2013-1969 Resource Management Errors vulnerability in Libxml2

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1969 Resource Management Errors vulnerability 7.5 Libxml2
Solaris 11.2 11.2

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-4276 Buffer Errors vulnerability in LittleCMS

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4276 Buffer Errors vulnerability 4.3 LittleCMS
Solaris 11.2 11.2

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Buffer Errors vulnerabilities in ImageMagick

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-1947 Buffer Errors vulnerability 6.8 ImageMagick
Solaris 11.2 11.2
CVE-2014-1958 Buffer Errors vulnerability 6.8
CVE-2014-2030 Buffer Errors vulnerability 6.8

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Puppet

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4761 Arbitrary Code Execution vulnerability 5.1 Puppet
Solaris 11.2 11.2
CVE-2013-4956 Permissions, Privileges, and Access Control vulnerability 3.6

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Django

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0472 Code Injection vulnerability 5.1 Django
Solaris 11.2 11.2
CVE-2014-0473 Permissions, Privileges, and Access Control vulnerability 5.0
CVE-2014-0474 Resource Management Errors vulnerability 10.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2013-0913 Numeric Errors vulnerability in Direct Rendering Manager (DRM) i915 driver

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-0913 Numeric Errors vulnerability 7.2 Direct Rendering Manager (DRM) i915 driver
Solaris 11.2 11.2

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0076 Cryptographic Issues vulnerability 4.3 OpenSSL
Solaris 11.2 11.2
CVE-2014-0160 Buffer Errors vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-2751 Improper Input Validation vulnerability in ModSecurity

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-2751 Improper Input Validation vulnerability 4.3 ModSecurity
Solaris 11.2 11.2

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Ejabberd

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-4320 Resource Management Errors vulnerability 4.0 Ejabberd
Solaris 11.2 11.2
CVE-2013-6169 Cryptographic Issues vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-3479 Arbitrary Code Execution vulnerability in Emacs

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3479 Arbitrary Code Execution vulnerability 6.8 Emacs
Solaris 11.2 11.2

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« July 2014 »
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
17
18
19
20
22
23
24
25
26
27
28
29
30
  
       
Today