Tuesday Aug 19, 2014

CVE-2013-0900 Race Conditions vulnerability in ICU

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-0900 Race Conditions vulnerability 6.8 International Components for Unicode (ICU)
Solaris 10 SPARC: 119810-08 X86: 119811-08
Solaris 11.1 11.1.16.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Horizon

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3473 cross-site scripting (XSS) vulnerability 4.3 OpenStack Horizon
Solaris 11.2 11.2.1.5.0
CVE-2014-3474 cross-site scripting (XSS) vulnerability 4.3
CVE-2014-3475 cross-site scripting (XSS) vulnerability 4.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-4020 Numeric Errors vulnerability in Wireshark

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-4020 Numeric Errors vulnerability 4.3 Wireshark
Solaris 11.2 11.2.1.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3520 Privilege Escalation vulnerability in OpenStack Keystone

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3520 Privilege Escalation vulnerability 3.5 OpenStack Identity (Keystone)
Solaris 11.2 11.2.1.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-0191 Denial of Service(DOS) vulnerability in Libxml2

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0191 Denial of Service(DOS) vulnerability null Libxml2
Solaris 11.2 11.2.1.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« August 2014 »
SunMonTueWedThuFriSat
     
1
2
3
4
5
6
7
8
10
11
12
13
14
15
16
17
18
20
21
22
23
24
25
26
27
28
29
30
31
      
Today