VARIoT IoT vulnerabilities database
| VAR-201202-0071 | CVE-2012-0502 | Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and availability, related to AWT. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment.
The vulnerability can be exploited over multiple protocols. This issue affects the 'AWT' sub-component.
This vulnerability affects the following supported versions:
7 Update 2, 6 Update 30, 5.0 Update 33, 1.4.2_35. Content-Disposition: inline
==========================================================================Ubuntu Security Notice USN-1373-1
February 24, 2012
openjdk-6 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
Multiple OpenJDK 6 vulnerabilities have been fixed.
Software Description:
- openjdk-6: Open Source Java implementation
Details:
It was discovered that the Java HttpServer class did not limit the
number of headers read from a HTTP request. A remote attacker could
cause a denial of service by sending special requests that trigger
hash collisions predictably. (CVE-2011-5035)
ATTENTION: this update changes previous Java HttpServer class behavior
by limiting the number of request headers to 200. This may be increased
by adjusting the sun.net.httpserver.maxReqHeaders property.
It was discovered that the Java Sound component did not properly
check buffer boundaries. A remote attacker could use this to cause
a denial of service or view confidential data. (CVE-2011-3563)
It was discovered that the Java2D implementation does not properly
check graphics rendering objects before passing them to the native
renderer. A remote attacker could use this to cause a denial of
service or to bypass Java sandbox restrictions. (CVE-2012-0497)
It was discovered that an off-by-one error exists in the Java ZIP
file processing code. An attacker could us this to cause a denial of
service through a maliciously crafted ZIP file. (CVE-2012-0501)
It was discovered that the Java AWT KeyboardFocusManager did not
properly enforce keyboard focus security policy. A remote attacker
could use this with an untrusted application or applet to grab keyboard
focus and possibly expose confidential data. (CVE-2012-0502)
It was discovered that the Java TimeZone class did not properly enforce
security policy around setting the default time zone. A remote attacker
could use this with an untrusted application or applet to set a new
default time zone and bypass Java sandbox restrictions. (CVE-2012-0503)
It was discovered the Java ObjectStreamClass did not throw
an accurately identifiable exception when a deserialization
failure occurred. A remote attacker could use this with
an untrusted application or applet to bypass Java sandbox
restrictions. (CVE-2012-0505)
It was discovered that the Java CORBA implementation did not properly
protect repository identifiers on certain CORBA objects. A remote
attacker could use this to corrupt object data. (CVE-2012-0506)
It was discovered that the Java AtomicReferenceArray class
implementation did not properly check if an array was of
the expected Object[] type. A remote attacker could use this
with a malicious application or applet to bypass Java sandbox
restrictions. (CVE-2012-0507)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.10:
icedtea-6-jre-cacao 6b23~pre11-0ubuntu1.11.10.2
icedtea-6-jre-jamvm 6b23~pre11-0ubuntu1.11.10.2
openjdk-6-jre 6b23~pre11-0ubuntu1.11.10.2
openjdk-6-jre-headless 6b23~pre11-0ubuntu1.11.10.2
openjdk-6-jre-lib 6b23~pre11-0ubuntu1.11.10.2
openjdk-6-jre-zero 6b23~pre11-0ubuntu1.11.10.2
Ubuntu 11.04:
icedtea-6-jre-cacao 6b22-1.10.6-0ubuntu1
icedtea-6-jre-jamvm 6b22-1.10.6-0ubuntu1
openjdk-6-jre 6b22-1.10.6-0ubuntu1
openjdk-6-jre-headless 6b22-1.10.6-0ubuntu1
openjdk-6-jre-lib 6b22-1.10.6-0ubuntu1
openjdk-6-jre-zero 6b22-1.10.6-0ubuntu1
Ubuntu 10.10:
icedtea-6-jre-cacao 6b20-1.9.13-0ubuntu1~10.10.1
openjdk-6-jre 6b20-1.9.13-0ubuntu1~10.10.1
openjdk-6-jre-headless 6b20-1.9.13-0ubuntu1~10.10.1
openjdk-6-jre-lib 6b20-1.9.13-0ubuntu1~10.10.1
openjdk-6-jre-zero 6b20-1.9.13-0ubuntu1~10.10.1
Ubuntu 10.04 LTS:
icedtea-6-jre-cacao 6b20-1.9.13-0ubuntu1~10.04.1
openjdk-6-jre 6b20-1.9.13-0ubuntu1~10.04.1
openjdk-6-jre-headless 6b20-1.9.13-0ubuntu1~10.04.1
openjdk-6-jre-lib 6b20-1.9.13-0ubuntu1~10.04.1
openjdk-6-jre-zero 6b20-1.9.13-0ubuntu1~10.04.1
After a standard system update you need to restart any Java applications
or applets to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-04-03-1 Java for OS X 2012-001 and
Java for Mac OS X 10.6 Update 7
Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 is now
available and addresses the following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7.3, OS X Lion Server v10.7.3
Impact: Multiple vulnerabilities in Java 1.6.0_29
Description: Multiple vulnerabilities exist in Java 1.6.0_29, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_31.
Further information is available via the Java website at http://www.o
racle.com/technetwork/java/javase/releasenotes-136954.html
CVE-ID
CVE-2011-3563
CVE-2011-5035
CVE-2012-0497
CVE-2012-0498
CVE-2012-0499
CVE-2012-0500
CVE-2012-0501
CVE-2012-0502
CVE-2012-0503
CVE-2012-0505
CVE-2012-0506
CVE-2012-0507
Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7
may be obtained from the Software Update pane in System Preferences,
or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: f76807153bc0ca253e4a466a2a8c0abf1e180667
For OS X Lion systems
The download file is named: JavaForOSX.dmg
Its SHA-1 digest is: 176ac1f8e79b4245301e84b616de5105ccd13e16
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQEcBAEBAgAGBQJPezVqAAoJEGnF2JsdZQee7gIIALa7b5hVTKL7kOXF7EYT6wjx
VnAmxoQbjEwpBkdzPzqqhCQ303/iBdLdHr2O/yxdaX0tFuB+5+4iInPU2t6O+PNh
7iJ3rhQszzIj5q/qGDXyzIQEjurNfvrEKAxQ3T7uj1At+n/9YVBaw8p6i+HopbRc
Fo6Jrxy0Qf/MyeGO4lqxht2Aq8omh+pEBNP68EglqrJp/CjZTYGaFAHVGvnm8/gA
wjcpIRQBacXcBCJ3K8pZhuQvXhm+GVLWYgc2KGsZ/l7jbQX5Bi67b7CFf7lBHlyd
V7ss6N/0T/O3nspdhg+jhnvcaia1Ow3GikC/707NNkM8Dm3lm0DFVMBBgpNvPcU=
=Pf96
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201406-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: IcedTea JDK: Multiple vulnerabilities
Date: June 29, 2014
Bugs: #312297, #330205, #340819, #346799, #352035, #353418,
#354231, #355127, #370787, #387637, #404095, #421031,
#429522, #433389, #438750, #442478, #457206, #458410,
#461714, #466822, #477210, #489570, #508270
ID: 201406-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the IcedTea JDK, the worst
of which could lead to arbitrary code execution.
Background
==========
IcedTea is a distribution of the Java OpenJDK source code built with
free build tools.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/icedtea-bin < 6.1.13.3 >= 6.1.13.3
Description
===========
Multiple vulnerabilities have been discovered in the IcedTea JDK.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, obtain
sensitive information, bypass intended security policies, or have other
unspecified impact.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All IcedTea JDK users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"
References
==========
[ 1 ] CVE-2009-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555
[ 2 ] CVE-2010-2548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2548
[ 3 ] CVE-2010-2783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2783
[ 4 ] CVE-2010-3541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541
[ 5 ] CVE-2010-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548
[ 6 ] CVE-2010-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549
[ 7 ] CVE-2010-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551
[ 8 ] CVE-2010-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553
[ 9 ] CVE-2010-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554
[ 10 ] CVE-2010-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557
[ 11 ] CVE-2010-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561
[ 12 ] CVE-2010-3562
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562
[ 13 ] CVE-2010-3564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3564
[ 14 ] CVE-2010-3565
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565
[ 15 ] CVE-2010-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566
[ 16 ] CVE-2010-3567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567
[ 17 ] CVE-2010-3568
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568
[ 18 ] CVE-2010-3569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569
[ 19 ] CVE-2010-3573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573
[ 20 ] CVE-2010-3574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574
[ 21 ] CVE-2010-3860
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3860
[ 22 ] CVE-2010-4351
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351
[ 23 ] CVE-2010-4448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448
[ 24 ] CVE-2010-4450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450
[ 25 ] CVE-2010-4465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465
[ 26 ] CVE-2010-4467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467
[ 27 ] CVE-2010-4469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469
[ 28 ] CVE-2010-4470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470
[ 29 ] CVE-2010-4471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471
[ 30 ] CVE-2010-4472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472
[ 31 ] CVE-2010-4476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476
[ 32 ] CVE-2011-0025
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0025
[ 33 ] CVE-2011-0706
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0706
[ 34 ] CVE-2011-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815
[ 35 ] CVE-2011-0822
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0822
[ 36 ] CVE-2011-0862
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862
[ 37 ] CVE-2011-0864
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864
[ 38 ] CVE-2011-0865
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865
[ 39 ] CVE-2011-0868
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868
[ 40 ] CVE-2011-0869
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869
[ 41 ] CVE-2011-0870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0870
[ 42 ] CVE-2011-0871
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871
[ 43 ] CVE-2011-0872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872
[ 44 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 45 ] CVE-2011-3521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521
[ 46 ] CVE-2011-3544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544
[ 47 ] CVE-2011-3547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547
[ 48 ] CVE-2011-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548
[ 49 ] CVE-2011-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551
[ 50 ] CVE-2011-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552
[ 51 ] CVE-2011-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553
[ 52 ] CVE-2011-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554
[ 53 ] CVE-2011-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556
[ 54 ] CVE-2011-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557
[ 55 ] CVE-2011-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558
[ 56 ] CVE-2011-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560
[ 57 ] CVE-2011-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563
[ 58 ] CVE-2011-3571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3571
[ 59 ] CVE-2011-5035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035
[ 60 ] CVE-2012-0497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497
[ 61 ] CVE-2012-0501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501
[ 62 ] CVE-2012-0502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502
[ 63 ] CVE-2012-0503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503
[ 64 ] CVE-2012-0505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505
[ 65 ] CVE-2012-0506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506
[ 66 ] CVE-2012-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547
[ 67 ] CVE-2012-1711
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711
[ 68 ] CVE-2012-1713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713
[ 69 ] CVE-2012-1716
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716
[ 70 ] CVE-2012-1717
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717
[ 71 ] CVE-2012-1718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718
[ 72 ] CVE-2012-1719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719
[ 73 ] CVE-2012-1723
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723
[ 74 ] CVE-2012-1724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724
[ 75 ] CVE-2012-1725
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725
[ 76 ] CVE-2012-1726
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726
[ 77 ] CVE-2012-3216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216
[ 78 ] CVE-2012-3422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3422
[ 79 ] CVE-2012-3423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3423
[ 80 ] CVE-2012-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416
[ 81 ] CVE-2012-4540
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4540
[ 82 ] CVE-2012-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068
[ 83 ] CVE-2012-5069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069
[ 84 ] CVE-2012-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070
[ 85 ] CVE-2012-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071
[ 86 ] CVE-2012-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072
[ 87 ] CVE-2012-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073
[ 88 ] CVE-2012-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074
[ 89 ] CVE-2012-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075
[ 90 ] CVE-2012-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076
[ 91 ] CVE-2012-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077
[ 92 ] CVE-2012-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081
[ 93 ] CVE-2012-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084
[ 94 ] CVE-2012-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085
[ 95 ] CVE-2012-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086
[ 96 ] CVE-2012-5087
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087
[ 97 ] CVE-2012-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089
[ 98 ] CVE-2012-5979
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5979
[ 99 ] CVE-2013-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169
[ 100 ] CVE-2013-0401
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401
[ 101 ] CVE-2013-0424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0424
[ 102 ] CVE-2013-0425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0425
[ 103 ] CVE-2013-0426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0426
[ 104 ] CVE-2013-0427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0427
[ 105 ] CVE-2013-0428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0428
[ 106 ] CVE-2013-0429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0429
[ 107 ] CVE-2013-0431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0431
[ 108 ] CVE-2013-0432
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0432
[ 109 ] CVE-2013-0433
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0433
[ 110 ] CVE-2013-0434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0434
[ 111 ] CVE-2013-0435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0435
[ 112 ] CVE-2013-0440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0440
[ 113 ] CVE-2013-0441
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0441
[ 114 ] CVE-2013-0442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0442
[ 115 ] CVE-2013-0443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0443
[ 116 ] CVE-2013-0444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0444
[ 117 ] CVE-2013-0450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0450
[ 118 ] CVE-2013-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809
[ 119 ] CVE-2013-1475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1475
[ 120 ] CVE-2013-1476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1476
[ 121 ] CVE-2013-1478
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1478
[ 122 ] CVE-2013-1480
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1480
[ 123 ] CVE-2013-1484
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484
[ 124 ] CVE-2013-1485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485
[ 125 ] CVE-2013-1486
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486
[ 126 ] CVE-2013-1488
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488
[ 127 ] CVE-2013-1493
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493
[ 128 ] CVE-2013-1500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500
[ 129 ] CVE-2013-1518
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518
[ 130 ] CVE-2013-1537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537
[ 131 ] CVE-2013-1557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557
[ 132 ] CVE-2013-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569
[ 133 ] CVE-2013-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571
[ 134 ] CVE-2013-2383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383
[ 135 ] CVE-2013-2384
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384
[ 136 ] CVE-2013-2407
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407
[ 137 ] CVE-2013-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412
[ 138 ] CVE-2013-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415
[ 139 ] CVE-2013-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417
[ 140 ] CVE-2013-2419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419
[ 141 ] CVE-2013-2420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420
[ 142 ] CVE-2013-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421
[ 143 ] CVE-2013-2422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422
[ 144 ] CVE-2013-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423
[ 145 ] CVE-2013-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424
[ 146 ] CVE-2013-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426
[ 147 ] CVE-2013-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429
[ 148 ] CVE-2013-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430
[ 149 ] CVE-2013-2431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431
[ 150 ] CVE-2013-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436
[ 151 ] CVE-2013-2443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443
[ 152 ] CVE-2013-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444
[ 153 ] CVE-2013-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445
[ 154 ] CVE-2013-2446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446
[ 155 ] CVE-2013-2447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447
[ 156 ] CVE-2013-2448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448
[ 157 ] CVE-2013-2449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449
[ 158 ] CVE-2013-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450
[ 159 ] CVE-2013-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451
[ 160 ] CVE-2013-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452
[ 161 ] CVE-2013-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453
[ 162 ] CVE-2013-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454
[ 163 ] CVE-2013-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455
[ 164 ] CVE-2013-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456
[ 165 ] CVE-2013-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457
[ 166 ] CVE-2013-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458
[ 167 ] CVE-2013-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459
[ 168 ] CVE-2013-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460
[ 169 ] CVE-2013-2461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461
[ 170 ] CVE-2013-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463
[ 171 ] CVE-2013-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465
[ 172 ] CVE-2013-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469
[ 173 ] CVE-2013-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470
[ 174 ] CVE-2013-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471
[ 175 ] CVE-2013-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472
[ 176 ] CVE-2013-2473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473
[ 177 ] CVE-2013-3829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829
[ 178 ] CVE-2013-4002
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4002
[ 179 ] CVE-2013-5772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772
[ 180 ] CVE-2013-5774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774
[ 181 ] CVE-2013-5778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778
[ 182 ] CVE-2013-5780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780
[ 183 ] CVE-2013-5782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782
[ 184 ] CVE-2013-5783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783
[ 185 ] CVE-2013-5784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784
[ 186 ] CVE-2013-5790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790
[ 187 ] CVE-2013-5797
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797
[ 188 ] CVE-2013-5800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800
[ 189 ] CVE-2013-5802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802
[ 190 ] CVE-2013-5803
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803
[ 191 ] CVE-2013-5804
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804
[ 192 ] CVE-2013-5805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805
[ 193 ] CVE-2013-5806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806
[ 194 ] CVE-2013-5809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809
[ 195 ] CVE-2013-5814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814
[ 196 ] CVE-2013-5817
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817
[ 197 ] CVE-2013-5820
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820
[ 198 ] CVE-2013-5823
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823
[ 199 ] CVE-2013-5825
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825
[ 200 ] CVE-2013-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829
[ 201 ] CVE-2013-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830
[ 202 ] CVE-2013-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840
[ 203 ] CVE-2013-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842
[ 204 ] CVE-2013-5849
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849
[ 205 ] CVE-2013-5850
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850
[ 206 ] CVE-2013-5851
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851
[ 207 ] CVE-2013-6629
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629
[ 208 ] CVE-2013-6954
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6954
[ 209 ] CVE-2014-0429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0429
[ 210 ] CVE-2014-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0446
[ 211 ] CVE-2014-0451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0451
[ 212 ] CVE-2014-0452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0452
[ 213 ] CVE-2014-0453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0453
[ 214 ] CVE-2014-0456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0456
[ 215 ] CVE-2014-0457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0457
[ 216 ] CVE-2014-0458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0458
[ 217 ] CVE-2014-0459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0459
[ 218 ] CVE-2014-0460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0460
[ 219 ] CVE-2014-0461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0461
[ 220 ] CVE-2014-1876
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1876
[ 221 ] CVE-2014-2397
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2397
[ 222 ] CVE-2014-2398
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2398
[ 223 ] CVE-2014-2403
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2403
[ 224 ] CVE-2014-2412
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2412
[ 225 ] CVE-2014-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2414
[ 226 ] CVE-2014-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2421
[ 227 ] CVE-2014-2423
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2423
[ 228 ] CVE-2014-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2427
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201406-32.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
CVE-2011-3377
The Iced Tea browser plugin included in the openjdk-6 package
does not properly enforce the Same Origin Policy on web content
served under a domain name which has a common suffix with the
required domain name.
This could lead to JVM crash or Java sandbox bypass.
CVE-2012-0505
The Java serialization code leaked references to serialization
exceptions, possibly leaking critical objects to untrusted
code in Java applets and applications. This could
have been used to perform modification of the data that should
have been immutable.
For the testing distribution (wheezy) and the unstable distribution
(sid), these problems have been fixed in version 6b24-1.11.1-1.
We recommend that you upgrade your openjdk-6 packages.
Release Date: 2012-04-02
Last Updated: 2012-04-02
------------------------------------------------------------------------------
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 5.0.24 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2011-3389 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-3521 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3545 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3547 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3548 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3549 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3552 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2011-3554 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3556 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-3557 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2011-3560 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2011-3563 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4
CVE-2012-0498 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-0499 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2012-0501 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2012-0502 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4
CVE-2012-0503 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2012-0505 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2012-0506 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2012-0507 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrades to resolve these vulnerabilities.
The upgrades are available from the following location
http://www.hp.com/go/java
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v5.0.25 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v5.0.24 and earlier, update to Java v5.0.25 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
===========
Jdk15.JDK15
Jdk15.JDK15-COM
Jdk15.JDK15-DEMO
Jdk15.JDK15-IPF32
Jdk15.JDK15-IPF64
Jdk15.JDK15-COM
Jdk15.JDK15-DEMO
Jdk15.JDK15-PA20
Jdk15.JDK15-PA20W
Jre15.JRE15
Jre15.JRE15-COM
Jre15.JRE15-IPF32
Jre15.JRE15-IPF32-HS
Jre15.JRE15-IPF64
Jre15.JRE15-IPF64-HS
Jre15.JRE15-PA20
Jre15.JRE15-PA20-HS
Jre15.JRE15-PA20W
Jre15.JRE15-PA20W-HS
action: install revision 1.5.0.25.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 2 April 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Fix in AtomicReferenceArray (CVE-2011-3571).
Multiple unspecified vulnerabilities allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors
(CVE-2012-0498. CVE-2012-0499, CVE-2012-0500).
Issues with some KeyboardFocusManager method (CVE-2012-0502).
Issues with TimeZone class (CVE-2012-0503).
Enhance exception throwing mechanism in ObjectStreamClass
(CVE-2012-0505).
Issues with some method in corba (CVE-2012-0506).
The updated packages provides icedtea6-1.10.6 which is not vulnerable
to these issues. The verification
of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.5.0-ibm security update
Advisory ID: RHSA-2012:0508-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0508.html
Issue date: 2012-04-23
CVE Names: CVE-2011-3389 CVE-2011-3557 CVE-2011-3560
CVE-2011-3563 CVE-2012-0498 CVE-2012-0499
CVE-2012-0501 CVE-2012-0502 CVE-2012-0503
CVE-2012-0505 CVE-2012-0506 CVE-2012-0507
=====================================================================
1. Summary:
Updated java-1.5.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Detailed
vulnerability descriptions are linked from the IBM "Security alerts" page,
listed in the References section. (CVE-2011-3389, CVE-2011-3557,
CVE-2011-3560, CVE-2011-3563, CVE-2012-0498, CVE-2012-0499, CVE-2012-0501,
CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507)
All users of java-1.5.0-ibm are advised to upgrade to these updated
packages, containing the IBM 1.5.0 SR13-FP1 Java release. All running
instances of IBM Java must be restarted for this update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Bugs fixed (http://bugzilla.redhat.com/):
737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)
788624 - CVE-2012-0501 OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283)
788976 - CVE-2012-0503 OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687)
788994 - CVE-2012-0507 OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299)
789295 - CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367)
789297 - CVE-2012-0502 OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683)
789299 - CVE-2012-0505 OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700)
789300 - CVE-2012-0506 OpenJDK: mutable repository identifiers (CORBA, 7110704)
790720 - CVE-2012-0498 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D)
790722 - CVE-2012-0499 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.5.0-ibm-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-accessibility-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-jdbc-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.1.el5.i386.rpm
x86_64:
java-1.5.0-ibm-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-accessibility-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-jdbc-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.5.0-ibm-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-accessibility-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-jdbc-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.1.el5.i386.rpm
ppc:
java-1.5.0-ibm-1.5.0.13.1-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-1.5.0.13.1-1jpp.1.el5.ppc64.rpm
java-1.5.0-ibm-accessibility-1.5.0.13.1-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.1.el5.ppc64.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.1.el5.ppc64.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.1.el5.ppc64.rpm
java-1.5.0-ibm-jdbc-1.5.0.13.1-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-plugin-1.5.0.13.1-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.1.el5.ppc.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.1.el5.ppc64.rpm
s390x:
java-1.5.0-ibm-1.5.0.13.1-1jpp.1.el5.s390.rpm
java-1.5.0-ibm-1.5.0.13.1-1jpp.1.el5.s390x.rpm
java-1.5.0-ibm-accessibility-1.5.0.13.1-1jpp.1.el5.s390x.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.1.el5.s390.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.1.el5.s390x.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.1.el5.s390.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.1.el5.s390x.rpm
java-1.5.0-ibm-jdbc-1.5.0.13.1-1jpp.1.el5.s390.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.1.el5.s390.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.1.el5.s390x.rpm
x86_64:
java-1.5.0-ibm-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-accessibility-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
java-1.5.0-ibm-jdbc-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.1.el5.i386.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.5.0-ibm-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-jdbc-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-plugin-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
x86_64:
java-1.5.0-ibm-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.5.0-ibm-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.5.0-ibm-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-jdbc-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-plugin-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
ppc64:
java-1.5.0-ibm-1.5.0.13.1-1jpp.2.el6_2.ppc64.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.2.el6_2.ppc64.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.ppc.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.ppc64.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.2.el6_2.ppc64.rpm
java-1.5.0-ibm-jdbc-1.5.0.13.1-1jpp.2.el6_2.ppc.rpm
java-1.5.0-ibm-plugin-1.5.0.13.1-1jpp.2.el6_2.ppc.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.2.el6_2.ppc64.rpm
s390x:
java-1.5.0-ibm-1.5.0.13.1-1jpp.2.el6_2.s390x.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.2.el6_2.s390x.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.s390.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.s390x.rpm
java-1.5.0-ibm-jdbc-1.5.0.13.1-1jpp.2.el6_2.s390.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.2.el6_2.s390x.rpm
x86_64:
java-1.5.0-ibm-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.5.0-ibm-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-jdbc-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-plugin-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
x86_64:
java-1.5.0-ibm-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.i686.rpm
java-1.5.0-ibm-devel-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.13.1-1jpp.2.el6_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-3389.html
https://www.redhat.com/security/data/cve/CVE-2011-3557.html
https://www.redhat.com/security/data/cve/CVE-2011-3560.html
https://www.redhat.com/security/data/cve/CVE-2011-3563.html
https://www.redhat.com/security/data/cve/CVE-2012-0498.html
https://www.redhat.com/security/data/cve/CVE-2012-0499.html
https://www.redhat.com/security/data/cve/CVE-2012-0501.html
https://www.redhat.com/security/data/cve/CVE-2012-0502.html
https://www.redhat.com/security/data/cve/CVE-2012-0503.html
https://www.redhat.com/security/data/cve/CVE-2012-0505.html
https://www.redhat.com/security/data/cve/CVE-2012-0506.html
https://www.redhat.com/security/data/cve/CVE-2012-0507.html
https://access.redhat.com/security/updates/classification/#critical
http://www.ibm.com/developerworks/java/jdk/alerts/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFPlYszXlSAg2UNWIIRAuJTAKCPRZxk+0bWKTvZiCsltv30xO03hQCghJdm
r0hFBLP7N8YIpGTvj/Dj1zY=
=PHoP
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201202-0054 | CVE-2012-0014 | Microsoft .NET Framework and Silverlight Vulnerable to arbitrary code execution |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Unmanaged Objects Vulnerability.". Microsoft Silverlight and Microsoft .NET Framework are prone to a remote code-execution vulnerability.
Successful exploits will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition. The platform includes the C# and Visual Basic programming languages, the common language runtime, and an extensive class library. Microsoft has released updates to
address these vulnerabilities.
I. Description
The Microsoft Security Bulletin Summary for February 2012 describes
multiple vulnerabilities in Microsoft Windows. Microsoft has
released updates to address the vulnerabilities.
II.
III. Solution
Apply updates
Microsoft has provided updates for these vulnerabilities in the
Microsoft Security Bulletin Summary for February 2012, which
describes any known issues related to the updates. Administrators
are encouraged to note these issues and test for any potentially
adverse effects. In addition, administrators should consider using
an automated update distribution system such as Windows Server
Update Services (WSUS). Home users are encouraged to enable
automatic updates.
IV. References
* Microsoft Security Bulletin Summary for February 2012 -
<https://technet.microsoft.com/en-us/security/bulletin/ms12-feb>
* Microsoft Windows Server Update Services -
<http://technet.microsoft.com/en-us/wsus/default.aspx>
* Microsoft Update - <https://www.update.microsoft.com/>
* Microsoft Update Overview -
<http://www.microsoft.com/security/updates/mu.aspx>
* Turn Automatic Updating On or Off -
<http://windows.microsoft.com/en-us/windows-vista/Turn-automatic-updating-on-or-off>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA12-045A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA12-045A Feedback VU#752838" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2012 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
February 14, 2012: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTzqp2T/GkGVXE7GMAQKh6wgAg9gjZ3sCu3eepRZEyFy4PkGhC4A1jzgw
2soH7tPOimgpzlLVbkJ7/RQYylCYixzEa9PbL9v/RzXh/TVVeXrPU97SqmLOAXr7
gtgcapZBGSHBmqYF5BWRnXVRVOQv+JpmdA5AJHO89qQl4okr9VVTCTnQkrAFyzfP
40uf/Nr0DrTRI9dmEjsLTzvOhh0G2HKnBmbpybGaOqoQao67ih/HEOkp6bsCUBwK
joX4C3nK9EdMPNK8YAzrHNbM0ANR5DfieGXBsCwNi6/3zZvGB+PKhAu6bikbQrXW
iRpyS3IirvDB59KNlmQp3jdaodNHSLOg5JuF7kOdQ1m8qa+DjwSvJQ==
=E3Fg
-----END PGP SIGNATURE-----
| VAR-201202-0094 | CVE-2012-0340 | Cisco IronPort Encryption Appliance Management interface cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the management interface on the Cisco IronPort Encryption Appliance with software before 6.5.3 allows remote attackers to inject arbitrary web script or HTML via the header parameter to the default URI under admin/, aka bug ID 72410. The Cisco IronPort family of products is a widely used mail encryption gateway that seamlessly encrypts, decrypts, and digitally signs confidential email. Since the WEB interface provided by the device fails to properly filter the input submitted by the user, the unauthenticated remote attacker can construct a malicious link, induce the user to parse, obtain the target user's browser sensitive information or hijack the user session.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
This issue is being tracked by IronPort bug 72410
| VAR-201202-0034 | CVE-2011-3968 | Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. Google Chrome There is a service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.By a third party Service operation interruption (DoS) You may be put into a state or affected by other details.
Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible.
Versions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Chromium: Multiple vulnerabilities
Date: February 18, 2012
Bugs: #402841, #404067
ID: 201202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been reported in Chromium, some of which
may allow execution of arbitrary code.
Background
==========
Chromium is an open source web browser project.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 17.0.963.56 >= 17.0.963.56
Description
===========
Multiple vulnerabilities have been discovered in Chromium. Please
review the CVE identifiers and release notes referenced below for
details.
Impact
======
A remote attacker could entice a user to open a specially crafted web
site using Chromium, possibly resulting in the execution of arbitrary
code with the privileges of the process, a Denial of Service condition,
information leak (clipboard contents), bypass of the Same Origin
Policy, or escape from NativeClient's sandbox.
A remote attacker could also entice the user to perform a set of UI
actions (drag and drop) to trigger an URL bar spoofing vulnerability.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.56"
References
==========
[ 1 ] CVE-2011-3016
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016
[ 2 ] CVE-2011-3017
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017
[ 3 ] CVE-2011-3018
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018
[ 4 ] CVE-2011-3019
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019
[ 5 ] CVE-2011-3020
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020
[ 6 ] CVE-2011-3021
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021
[ 7 ] CVE-2011-3022
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022
[ 8 ] CVE-2011-3023
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023
[ 9 ] CVE-2011-3024
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024
[ 10 ] CVE-2011-3025
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025
[ 11 ] CVE-2011-3027
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027
[ 12 ] CVE-2011-3953
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953
[ 13 ] CVE-2011-3954
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954
[ 14 ] CVE-2011-3955
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955
[ 15 ] CVE-2011-3956
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956
[ 16 ] CVE-2011-3957
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957
[ 17 ] CVE-2011-3958
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958
[ 18 ] CVE-2011-3959
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959
[ 19 ] CVE-2011-3960
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960
[ 20 ] CVE-2011-3961
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961
[ 21 ] CVE-2011-3962
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962
[ 22 ] CVE-2011-3963
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963
[ 23 ] CVE-2011-3964
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964
[ 24 ] CVE-2011-3965
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965
[ 25 ] CVE-2011-3966
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966
[ 26 ] CVE-2011-3967
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967
[ 27 ] CVE-2011-3968
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968
[ 28 ] CVE-2011-3969
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969
[ 29 ] CVE-2011-3970
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970
[ 30 ] CVE-2011-3971
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971
[ 31 ] CVE-2011-3972
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972
[ 32 ] Release Notes 17.0.963.46
http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht=
ml
[ 33 ] Release Notes 17.0.963.56
http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm=
l
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201202-01.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201202-0032 | CVE-2011-3966 | Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible.
Versions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Chromium: Multiple vulnerabilities
Date: February 18, 2012
Bugs: #402841, #404067
ID: 201202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been reported in Chromium, some of which
may allow execution of arbitrary code.
Background
==========
Chromium is an open source web browser project.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 17.0.963.56 >= 17.0.963.56
Description
===========
Multiple vulnerabilities have been discovered in Chromium. Please
review the CVE identifiers and release notes referenced below for
details.
Impact
======
A remote attacker could entice a user to open a specially crafted web
site using Chromium, possibly resulting in the execution of arbitrary
code with the privileges of the process, a Denial of Service condition,
information leak (clipboard contents), bypass of the Same Origin
Policy, or escape from NativeClient's sandbox.
A remote attacker could also entice the user to perform a set of UI
actions (drag and drop) to trigger an URL bar spoofing vulnerability.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.56"
References
==========
[ 1 ] CVE-2011-3016
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016
[ 2 ] CVE-2011-3017
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017
[ 3 ] CVE-2011-3018
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018
[ 4 ] CVE-2011-3019
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019
[ 5 ] CVE-2011-3020
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020
[ 6 ] CVE-2011-3021
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021
[ 7 ] CVE-2011-3022
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022
[ 8 ] CVE-2011-3023
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023
[ 9 ] CVE-2011-3024
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024
[ 10 ] CVE-2011-3025
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025
[ 11 ] CVE-2011-3027
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027
[ 12 ] CVE-2011-3953
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953
[ 13 ] CVE-2011-3954
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954
[ 14 ] CVE-2011-3955
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955
[ 15 ] CVE-2011-3956
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956
[ 16 ] CVE-2011-3957
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957
[ 17 ] CVE-2011-3958
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958
[ 18 ] CVE-2011-3959
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959
[ 19 ] CVE-2011-3960
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960
[ 20 ] CVE-2011-3961
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961
[ 21 ] CVE-2011-3962
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962
[ 22 ] CVE-2011-3963
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963
[ 23 ] CVE-2011-3964
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964
[ 24 ] CVE-2011-3965
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965
[ 25 ] CVE-2011-3966
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966
[ 26 ] CVE-2011-3967
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967
[ 27 ] CVE-2011-3968
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968
[ 28 ] CVE-2011-3969
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969
[ 29 ] CVE-2011-3970
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970
[ 30 ] CVE-2011-3971
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971
[ 31 ] CVE-2011-3972
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972
[ 32 ] Release Notes 17.0.963.46
http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht=
ml
[ 33 ] Release Notes 17.0.963.56
http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm=
l
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201202-01.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201202-0024 | CVE-2011-3958 | Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.Service disruption through crafted documents by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible.
Versions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Chromium: Multiple vulnerabilities
Date: February 18, 2012
Bugs: #402841, #404067
ID: 201202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been reported in Chromium, some of which
may allow execution of arbitrary code.
Background
==========
Chromium is an open source web browser project.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 17.0.963.56 >= 17.0.963.56
Description
===========
Multiple vulnerabilities have been discovered in Chromium. Please
review the CVE identifiers and release notes referenced below for
details.
Impact
======
A remote attacker could entice a user to open a specially crafted web
site using Chromium, possibly resulting in the execution of arbitrary
code with the privileges of the process, a Denial of Service condition,
information leak (clipboard contents), bypass of the Same Origin
Policy, or escape from NativeClient's sandbox.
A remote attacker could also entice the user to perform a set of UI
actions (drag and drop) to trigger an URL bar spoofing vulnerability.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.56"
References
==========
[ 1 ] CVE-2011-3016
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016
[ 2 ] CVE-2011-3017
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017
[ 3 ] CVE-2011-3018
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018
[ 4 ] CVE-2011-3019
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019
[ 5 ] CVE-2011-3020
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020
[ 6 ] CVE-2011-3021
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021
[ 7 ] CVE-2011-3022
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022
[ 8 ] CVE-2011-3023
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023
[ 9 ] CVE-2011-3024
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024
[ 10 ] CVE-2011-3025
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025
[ 11 ] CVE-2011-3027
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027
[ 12 ] CVE-2011-3953
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953
[ 13 ] CVE-2011-3954
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954
[ 14 ] CVE-2011-3955
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955
[ 15 ] CVE-2011-3956
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956
[ 16 ] CVE-2011-3957
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957
[ 17 ] CVE-2011-3958
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958
[ 18 ] CVE-2011-3959
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959
[ 19 ] CVE-2011-3960
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960
[ 20 ] CVE-2011-3961
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961
[ 21 ] CVE-2011-3962
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962
[ 22 ] CVE-2011-3963
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963
[ 23 ] CVE-2011-3964
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964
[ 24 ] CVE-2011-3965
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965
[ 25 ] CVE-2011-3966
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966
[ 26 ] CVE-2011-3967
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967
[ 27 ] CVE-2011-3968
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968
[ 28 ] CVE-2011-3969
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969
[ 29 ] CVE-2011-3970
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970
[ 30 ] CVE-2011-3971
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971
[ 31 ] CVE-2011-3972
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972
[ 32 ] Release Notes 17.0.963.46
http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht=
ml
[ 33 ] Release Notes 17.0.963.56
http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm=
l
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201202-01.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201202-0017 | CVE-2011-3971 | Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. Google Chrome is prone to multiple vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible.
Versions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Chromium: Multiple vulnerabilities
Date: February 18, 2012
Bugs: #402841, #404067
ID: 201202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been reported in Chromium, some of which
may allow execution of arbitrary code.
Background
==========
Chromium is an open source web browser project.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 17.0.963.56 >= 17.0.963.56
Description
===========
Multiple vulnerabilities have been discovered in Chromium. Please
review the CVE identifiers and release notes referenced below for
details.
Impact
======
A remote attacker could entice a user to open a specially crafted web
site using Chromium, possibly resulting in the execution of arbitrary
code with the privileges of the process, a Denial of Service condition,
information leak (clipboard contents), bypass of the Same Origin
Policy, or escape from NativeClient's sandbox.
A remote attacker could also entice the user to perform a set of UI
actions (drag and drop) to trigger an URL bar spoofing vulnerability.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.56"
References
==========
[ 1 ] CVE-2011-3016
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016
[ 2 ] CVE-2011-3017
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017
[ 3 ] CVE-2011-3018
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018
[ 4 ] CVE-2011-3019
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019
[ 5 ] CVE-2011-3020
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020
[ 6 ] CVE-2011-3021
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021
[ 7 ] CVE-2011-3022
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022
[ 8 ] CVE-2011-3023
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023
[ 9 ] CVE-2011-3024
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024
[ 10 ] CVE-2011-3025
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025
[ 11 ] CVE-2011-3027
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027
[ 12 ] CVE-2011-3953
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953
[ 13 ] CVE-2011-3954
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954
[ 14 ] CVE-2011-3955
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955
[ 15 ] CVE-2011-3956
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956
[ 16 ] CVE-2011-3957
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957
[ 17 ] CVE-2011-3958
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958
[ 18 ] CVE-2011-3959
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959
[ 19 ] CVE-2011-3960
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960
[ 20 ] CVE-2011-3961
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961
[ 21 ] CVE-2011-3962
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962
[ 22 ] CVE-2011-3963
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963
[ 23 ] CVE-2011-3964
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964
[ 24 ] CVE-2011-3965
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965
[ 25 ] CVE-2011-3966
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966
[ 26 ] CVE-2011-3967
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967
[ 27 ] CVE-2011-3968
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968
[ 28 ] CVE-2011-3969
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969
[ 29 ] CVE-2011-3970
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970
[ 30 ] CVE-2011-3971
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971
[ 31 ] CVE-2011-3972
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972
[ 32 ] Release Notes 17.0.963.46
http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht=
ml
[ 33 ] Release Notes 17.0.963.56
http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm=
l
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201202-01.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201202-0015 | CVE-2011-3969 | Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible.
Versions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Chromium: Multiple vulnerabilities
Date: February 18, 2012
Bugs: #402841, #404067
ID: 201202-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been reported in Chromium, some of which
may allow execution of arbitrary code.
Background
==========
Chromium is an open source web browser project.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 17.0.963.56 >= 17.0.963.56
Description
===========
Multiple vulnerabilities have been discovered in Chromium. Please
review the CVE identifiers and release notes referenced below for
details.
Impact
======
A remote attacker could entice a user to open a specially crafted web
site using Chromium, possibly resulting in the execution of arbitrary
code with the privileges of the process, a Denial of Service condition,
information leak (clipboard contents), bypass of the Same Origin
Policy, or escape from NativeClient's sandbox.
A remote attacker could also entice the user to perform a set of UI
actions (drag and drop) to trigger an URL bar spoofing vulnerability.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.56"
References
==========
[ 1 ] CVE-2011-3016
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016
[ 2 ] CVE-2011-3017
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017
[ 3 ] CVE-2011-3018
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018
[ 4 ] CVE-2011-3019
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019
[ 5 ] CVE-2011-3020
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020
[ 6 ] CVE-2011-3021
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021
[ 7 ] CVE-2011-3022
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022
[ 8 ] CVE-2011-3023
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023
[ 9 ] CVE-2011-3024
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024
[ 10 ] CVE-2011-3025
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025
[ 11 ] CVE-2011-3027
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027
[ 12 ] CVE-2011-3953
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953
[ 13 ] CVE-2011-3954
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954
[ 14 ] CVE-2011-3955
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955
[ 15 ] CVE-2011-3956
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956
[ 16 ] CVE-2011-3957
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957
[ 17 ] CVE-2011-3958
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958
[ 18 ] CVE-2011-3959
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959
[ 19 ] CVE-2011-3960
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960
[ 20 ] CVE-2011-3961
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961
[ 21 ] CVE-2011-3962
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962
[ 22 ] CVE-2011-3963
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963
[ 23 ] CVE-2011-3964
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964
[ 24 ] CVE-2011-3965
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965
[ 25 ] CVE-2011-3966
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966
[ 26 ] CVE-2011-3967
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967
[ 27 ] CVE-2011-3968
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968
[ 28 ] CVE-2011-3969
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969
[ 29 ] CVE-2011-3970
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970
[ 30 ] CVE-2011-3971
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971
[ 31 ] CVE-2011-3972
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972
[ 32 ] Release Notes 17.0.963.46
http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht=
ml
[ 33 ] Release Notes 17.0.963.56
http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm=
l
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201202-01.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201202-0041 | CVE-2011-4533 | Ing. Punzenberger COPA-DATA zenon of zenAdminSrv.exe Service disruption in (DoS) Vulnerabilities |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
zenAdminSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted packet to TCP port 50777, aka Reference Number 25240. Punzenberger COPA-DATA GmbH zenon is an industrial automation software. Punzenberger COPA-DATA GmbH zenon is prone to multiple denial-of-service vulnerabilities.
Attackers can exploit these issues to crash an affected system, denying service to legitimate users.
zenon 6.51 SP0 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------
SC Magazine awards the Secunia CSI a 5-Star rating
Top-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296
----------------------------------------------------------------------
TITLE:
zenon Two Code Execution Vulnerabilities
SECUNIA ADVISORY ID:
SA47892
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/47892/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=47892
RELEASE DATE:
2012-02-08
DISCUSS ADVISORY:
http://secunia.com/advisories/47892/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/47892/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47892
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Two vulnerabilities have been reported in zenon, which can be
exploited by malicious people to potentially compromise a vulnerable
system.
1) An error in zenAdminSrv.exe when processing certain packets can be
exploited via a specially crafted packet sent to TCP port 50777.
2) An error in ZenSysSrv.exe when handling client connections can be
exploited by connecting and disconnecting multiple times on TCP port
1101.
Successful exploitation of the vulnerabilities may allow execution of
arbitrary code.
The vulnerabilities are reported in version 6.51 SP0.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Kuang-Chun Hung, Security Research and Service
Institute Information and Communication Security Technology Center
(ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0042 | CVE-2011-4534 | Ing. Punzenberger COPA-DATA zenon of ZenSysSrv.exe Service disruption in (DoS) Vulnerabilities |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
ZenSysSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via a series of connections and disconnections on TCP port 1101, aka Reference Number 25212. Punzenberger COPA-DATA GmbH zenon is an industrial automation software. Punzenberger COPA-DATA GmbH zenon is prone to multiple denial-of-service vulnerabilities.
Attackers can exploit these issues to crash an affected system, denying service to legitimate users.
zenon 6.51 SP0 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------
SC Magazine awards the Secunia CSI a 5-Star rating
Top-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296
----------------------------------------------------------------------
TITLE:
zenon Two Code Execution Vulnerabilities
SECUNIA ADVISORY ID:
SA47892
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/47892/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=47892
RELEASE DATE:
2012-02-08
DISCUSS ADVISORY:
http://secunia.com/advisories/47892/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/47892/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47892
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Two vulnerabilities have been reported in zenon, which can be
exploited by malicious people to potentially compromise a vulnerable
system.
1) An error in zenAdminSrv.exe when processing certain packets can be
exploited via a specially crafted packet sent to TCP port 50777.
2) An error in ZenSysSrv.exe when handling client connections can be
exploited by connecting and disconnecting multiple times on TCP port
1101.
Successful exploitation of the vulnerabilities may allow execution of
arbitrary code.
The vulnerabilities are reported in version 6.51 SP0.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Kuang-Chun Hung, Security Research and Service
Institute Information and Communication Security Technology Center
(ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0048 | CVE-2011-4513 | plural Siemens Vulnerabilities in products that allow arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader. plural Siemens The product includes HMI Web An arbitrary code execution vulnerability exists due to a flaw in processing related to the server and runtime loader.Crafted by attackers project An arbitrary code may be executed via the file. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. Social engineering is required to enable administrators to download files and execute them. SIMATIC Wincc Runtime Advanced is prone to a remote security vulnerability. Vulnerabilities exist in several versions of Siemens SIMATIC WinCC
| VAR-201202-0049 | CVE-2011-4514 | plural Siemens Product TELNET Access vulnerability in daemon |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attackers to obtain access via a TCP session. plural Siemens Product TELNET Since the daemon does not authenticate, there is a vulnerability that allows easy access.By a third party TCP Access can easily be gained through a session. Siemens SIMATIC is an automation software in a single engineering environment. SIMATIC panels include the Telnet daemon by default, but the daemon does not implement any validation features. A vulnerability exists in several versions of Siemens SIMATIC WinCC due to the failure of the TELNET daemon to perform authentication. A remote attacker could use this vulnerability to gain access through a TCP session
| VAR-201202-0047 | CVE-2011-4512 | Siemens SIMATIC WinCC HMI Web Server Multiple Input Validation Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. plural Siemens Product HMI Web The server CRLF An injection vulnerability exists.By any third party HTTP Inserted header, and HTTP Response splitting attacks can be triggered. Siemens SIMATIC is an automation software in a single engineering environment. The HMI web server has a header injection vulnerability that allows elevation of privilege, stealing data or breaking services. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input.
A remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions
| VAR-201202-0165 | CVE-2011-4878 |
plural Siemens Product HMI Web Server traversal vulnerability
Related entries in the VARIoT exploits database: VAR-E-201111-0178 |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to read arbitrary files via a ..%5c (dot dot backslash) in a URI. plural Siemens Product HMI Web Server miniweb.exe Contains a directory traversal vulnerability.By a third party ..%5c ( Dot dot backslash ) including URI Any file may be read via. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. The HMI web server listening on TCP ports 80 and 443 does not correctly verify the URL in the HTTP request, and builds a URL containing a specially crafted slash to perform a directory traversal attack and read any file in the file system. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input.
A remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions. A remote attacker can exploit this vulnerability to read arbitrary files by means of ../ (dotted backslashes) in the URL
| VAR-201202-0166 | CVE-2011-4879 |
plural Siemens Product HMI Web Vulnerability to read data from arbitrary memory locations on the server
Related entries in the VARIoT exploits database: VAR-E-201111-0178 |
CVSS V2: 8.5 CVSS V3: - Severity: HIGH |
miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle URIs beginning with a 0xfa character, which allows remote attackers to read data from arbitrary memory locations or cause a denial of service (application crash) via a crafted POST request. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. The HMI web server does not properly validate the HTTP request. The first byte in the URL is manipulated. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input.
A remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions. The vulnerability stems from the failure of miniweb.exe in the HMI web server to correctly handle URLs starting with the 0xfa character
| VAR-201202-0272 | CVE-2012-1085 | TYPO3 for BE User Switch Vulnerabilities that can retrieve important information in extensions |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the BE User Switch (beuserswitch) extension 0.0.1 for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and obtain sensitive information.
BE User Switch 0.0.1 is vulnerable; other versions may be affected. Typo3, one of the leading brands of open source Content Management Systems (CMS) and Content Management Frameworks (CMF) based on PHP and MySQL databases, is a powerful open source solution
| VAR-201202-0271 | CVE-2012-1084 | TYPO3 for BE User Switch Cross-site scripting vulnerability in extensions |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the BE User Switch (beuserswitch) extension 0.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and obtain sensitive information.
BE User Switch 0.0.1 is vulnerable; other versions may be affected. Typo3, one of the leading brands of open source Content Management Systems (CMS) and Content Management Frameworks (CMF) based on PHP and MySQL databases, is a powerful open source solution
| VAR-201202-0281 | CVE-2012-1007 | Apache Struts Multiple Cross-Site Scripting Vulnerabilities |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do or (3) struts-cookbook/processDyna.do. (1) struts-examples/upload/upload-submit.do of name Parameters (2) struts-cookbook/processSimple.do of name Or message Parameters (3) struts-cookbook/processDyna.do of name Or message Parameters. Apache is a popular free open source web server that runs on a variety of Unix and Linux platforms and runs on Windows.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks
| VAR-201202-0152 | CVE-2011-3452 | Apple Mac OS X of Internet Sharing Vulnerability in which important information is obtained |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the Wi-Fi configuration across software updates, which allows remote attackers to obtain sensitive information by leveraging the lack of a WEP password for a Wi-Fi network. Apple Mac OS X is prone to a security bypass vulnerability that affects the Internet Sharing component.
An attacker can exploit this issue to gain unauthorized access to the Wi-Fi network.
The following products are vulnerable:
Mac OS X 10.7 to 10.7.2
Mac OS X Server 10.7 to 10.7.2
NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it. The vulnerability stems from Internet Sharing not maintaining the Wi-Fi configuration for the entire software update
| VAR-201202-0151 | CVE-2011-3450 | Apple Mac OS X of CoreUI Vulnerable to arbitrary code execution |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack memory, which allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption and application crash) via a long URL. Apple Mac OS X is prone to a remote code-execution vulnerability.
Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
The following products are vulnerable:
Mac OS X 10.7 to 10.7.2
Mac OS X Server 10.7 to 10.7.2
NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it. There is an unbounded limit stack allocation problem when dealing with ultra-long URLs