CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3548 Resource Management Errors vulnerability 4.3 Wireshark
Solaris 11.1 11.1.3.4
CVE-2012-5237 Resource Management Errors vulnerability 3.3
CVE-2012-5238 Denial Of Service(DoS) vulnerability 3.3
CVE-2012-5239 Denial Of Service(DoS) vulnerability 4.3
CVE-2012-5240 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 5.8

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Permalink |

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-0883 Permissions, Privileges, and Access Controls vulnerability 6.9 Apache HTTP server
Solaris 10 SPARC: 120543-30 X86: 120544-30
Solaris 11.1 11.1.3.4
CVE-2012-2687 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 2.6

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Permalink |

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-1960 Information Exposure vulnerability 5.0 Firefox
Solaris 10 SPARC: 145080-12 X86: 145081-11
Solaris 11.1 11.1.2.5
CVE-2012-1970 Denial of Service (DoS) vulnerability 10.0
CVE-2012-1971 Denial of Service (DoS) vulnerability 9.3
CVE-2012-1972 Resource Management Errors vulnerability 10.0
CVE-2012-1973 Resource Management Errors vulnerability 10.0
CVE-2012-1974 Resource Management Errors vulnerability 10.0
CVE-2012-1975 Resource Management Errors vulnerability 10.0
CVE-2012-1976 Resource Management Errors vulnerability 10.0
CVE-2012-3956 Resource Management Errors vulnerability 10.0
CVE-2012-3957 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-3958 Resource Management Errors vulnerability 10.0
CVE-2012-3959 Resource Management Errors vulnerability 10.0
CVE-2012-3960 Resource Management Errors vulnerability 10.0
CVE-2012-3961 Resource Management Errors vulnerability 10.0
CVE-2012-3962 Arbitrary code execution vulnerability 9.3
CVE-2012-3963 Resource Management Errors vulnerability 10.0
CVE-2012-3964 Resource Management Errors vulnerability 10.0
CVE-2012-3966 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0
CVE-2012-3967 Arbitrary code execution vulnerability 6.8
CVE-2012-3968 Resource Management Errors vulnerability 10.0
CVE-2012-3969 Numeric Errors vulnerability 9.3
CVE-2012-3970 Resource Management Errors vulnerability 10.0
CVE-2012-3972 Information Exposure vulnerability 5.0
CVE-2012-3974 Resource Management Errors vulnerability 6.9
CVE-2012-3976 Denial of Service (DoS) vulnerability 5.8
CVE-2012-3978 Permissions, Privileges, and Access Controls vulnerability 6.8
CVE-2012-3980 Improper Control of Generation of Code ('Code Injection') vulnerability 9.3

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Permalink |

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-1948 Denial of service (DoS) vulnerability 9.3 Thunderbird
Solaris 10 SPARC: 145200-12 X86: 145201-12
Solaris 11.1 11.1.2.5
CVE-2012-1950 Address spoofing vulnerability 6.4
CVE-2012-1951 Resource Management Errors vulnerability 10.0
CVE-2012-1952 Resource Management Errors vulnerability 9.3
CVE-2012-1953 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 9.3
CVE-2012-1954 Resource Management Errors vulnerability 10.0
CVE-2012-1955 Address spoofing vulnerability 6.8
CVE-2012-1957 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3
CVE-2012-1958 Resource Management Errors vulnerability 9.3
CVE-2012-1959 Permissions, Privileges, and Access Controls vulnerability 5.0
CVE-2012-1961 Improper Input Validation vulnerability 4.3
CVE-2012-1962 Resource Management Errors vulnerability 10.0
CVE-2012-1963 Permissions, Privileges, and Access Controls vulnerability 4.3
CVE-2012-1964 Clickjacking vulnerability 4.0
CVE-2012-1965 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3
CVE-2012-1966 Permissions, Privileges, and Access Controls vulnerability 4.3
CVE-2012-1967 Arbitrary code execution vulnerability 10.0
CVE-2012-1970 Denial of service (DoS) vulnerability 10.0
CVE-2012-1973 Resource Management Errors vulnerability 10.0
CVE-2012-3966 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 10.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Permalink |

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-3955 Denial of Service (DoS) vulnerability 7.1 ISC DHCP
Solaris 11 11/11 SRU 13.4
Solaris 11.1 11.1.1.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Permalink |

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5166 Denial of Service vulnerability 7.8 BIND
Solaris 10 SPARC : 119783-25 x86 : 119784-25
Solaris 11 11/11 SRU 13.4
Solaris 11.1 11.1.1.4
Solaris 9 SPARC: 112837-29 X86: 114265-28

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Permalink |

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-4244 Denial of Service vulnerability 7.8 BIND
Solaris 10 SPARC : 119783-24 , x86 : 119784-24
Solaris 11 11/11 SRU 12.4
Solaris 11.1 11.1.1.4
Solaris 9 SPARC : 112837-28 , x86 : 114265-27

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Permalink |

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-2733 Improper Input Validation vulnerability 5.0 Apache Tomcat
Oracle Health Sciences Clinical Development Center upgrade to Apache Tomcat v6.0.36
CVE-2012-5885 DIGEST authentication implementation issues 5.0
CVE-2012-5886 DIGEST authentication implementation issues 5.0
CVE-2012-5887 DIGEST authentication implementation issues 5.0
CVE-2012-3546 Security constraints bypass vulnerability 4.3
CVE-2012-4431 CSRF prevention filter bypass vulnerability 4.3
CVE-2012-4534 Denial of Service (DoS) vulnerability 2.6

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Permalink |