Tuesday Jul 15, 2014

CVE-2014-0075 Numeric Errors vulnerability in Apache Tomcat

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0075 Numeric Errors vulnerability 5.0 Apache Tomcat
Solaris 11.1 11.1.21.4.1

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-0096 Permissions, Privileges, and Access Control vulnerability in Apache Tomcat

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0096 Permissions, Privileges, and Access Control vulnerability 4.3 Apache Tomcat
Solaris 11.1 11.1.21.4.1

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-0099 Numeric Errors vulnerability in Apache Tomcat

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0099 Numeric Errors vulnerability 4.3 Apache Tomcat
Solaris 11.1 11.1.21.4.1

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-0119 Permissions, Privileges, and Access Control vulnerability in Apache Tomcat

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0119 Permissions, Privileges, and Access Control vulnerability 4.3 Apache Tomcat
Solaris 11.1 11.1.21.4.1

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-2125 HTTPS to HTTP redirection vulnerability in RubyGems

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-2125 HTTPS to HTTP redirection vulnerability 5.8 RubyGems
Solaris 11.1 11.1.21.4.1

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-2126 Cryptographic Issues vulnerability in RubyGems

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-2126 Cryptographic Issues vulnerability 4.3 RubyGems
Solaris 11.1 11.1.21.4.1

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Lighttpd

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-2323 SQL Injection vulnerability 7.5 Lighttpd
Solaris 11.1 11.1.21.4.1
CVE-2014-2324 Path Traversal vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in GNU Libtasn1

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3468 Numeric Errors vulnerability 6.8 GNU Libtasn1
Solaris 11.1 11.1.21.4.1
CVE-2014-3469 Denial of Service(DoS) vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« July 2014 »
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
17
18
19
20
22
23
24
25
26
27
28
29
30
  
       
Today