Multiple OpenSSL vulnerabilities in Sun SPARC Enterprise M-series XCP Firmware
By Ritwik Ghoshal on Sep 25, 2012
|CVE Description||CVSSv2 Base Score||Component||Product and Resolution|
|CVE-2008-5077 Improper Input Validation vulnerability||5.8||OpenSSL in XCP1113 Firmware||
|CVE-2008-7270 Cryptographic Issues vulnerability||4.3|
|CVE-2009-0590 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability||5.0|
|CVE-2009-3245 Improper Input Validation vulnerability||10.0|
|CVE-2010-4180 Cipher suite downgrade vulnerability||4.3|
This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.