Multiple vulnerabilities fixed in Firefox 24.2.0 ESR

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
Multiple CVEs Multiple vulnerabilities 10 Firefox
Solaris 10 SPARC: 145080-14 X86: 145081-13

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-5356 Permissions, Privileges, and Access Control vulnerability in OpenStack Glance

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-5356 Permissions, Privileges, and Access Control vulnerability 4.0 OpenStack Glance
Solaris 11.2 11.2.2.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3594 Cross-site scripting (XSS) vulnerability vulnerability in OpenStack Horizon

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3594 Cross-site scripting (XSS) vulnerability vulnerability 3.5 OpenStack Horizon
Solaris 11.2 11.2.2.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3589 Input Validation vulnerability in Python Imaging Library (PIL)

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3589 Input Validation vulnerability 5.0 Python Imaging Library (PIL)
Solaris 11.2 11.2.2.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Buffer Errors vulnerabilities in Wireshark

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-5161 Buffer Errors vulnerability 5.0 Wireshark
Solaris 11.2 11.2.2.5.0
CVE-2014-5162 Buffer Errors vulnerability 5.0
CVE-2014-5163 Buffer Errors vulnerability 5.0
CVE-2014-5164 Buffer Errors vulnerability 5.0
CVE-2014-5165 Buffer Errors vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Denial Of Service(DoS) vulnerabilities in Apache HTTP Server

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-4352 Denial Of Service(DoS) vulnerability 4.3 Apache HTTP Server
Solaris 11.2 11.2.2.5.0
CVE-2014-0117 Denial Of Service(DoS) vulnerability 4.3
CVE-2014-0118 Denial Of Service(DoS) vulnerability 4.3
CVE-2014-0226 Denial Of Service(DoS) vulnerability 6.8
CVE-2014-0231 Denial Of Service(DoS) vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle (more...)

Multiple vulnerabilities in Net-SNMP

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-6151 Resource Management Errors vulnerability 4.3 Net-SNMP
Solaris 11.2 11.2.2.5.0
CVE-2014-2310 Input Validation vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3508 Information Disclosure vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3508 Information Disclosure vulnerability 4.3 OpenSSL
Solaris 11.2 11.2.2.5.0
Solaris 10 Patches planned but not yet available

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-5139 Denial Of Service(DoS) vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-5139 Denial Of Service(DoS) vulnerability 4.3 OpenSSL
Solaris 11.2 11.2.2.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3509 Race Conditions vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3509 Race Conditions vulnerability 6.8 OpenSSL
Solaris 11.2 11.2.2.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3505 Denial Of Service(DoS) vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3505 Denial Of Service(DoS) vulnerability 5.0 OpenSSL
Solaris 11.2 11.2.2.5.0
Solaris 10 Patches planned but not yet available

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3506 Resource Management Errors vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3506 Resource Management Errors vulnerability 5.0 OpenSSL
Solaris 11.2 11.2.2.5.0
Solaris 10 Patches planned but not yet available

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3507 Resource Management Errors vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3507 Resource Management Errors vulnerability 5.0 OpenSSL
Solaris 11.2 11.2.2.5.0
Solaris 10 Patches planned but not yet available

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3510 Denial Of Service(DoS) vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3510 Denial Of Service(DoS) vulnerability 4.3 OpenSSL
Solaris 11.2 11.2.2.5.0
Solaris 10 Patches planned but not yet available

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3511 Cryptographic vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3511 Cryptographic vulnerability 4.3 OpenSSL
Solaris 11.2 11.2.2.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-3512 Buffer Errors vulnerability in OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-3512 Buffer Errors vulnerability 7.5 OpenSSL
Solaris 11.2 11.2.2.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-0178 Information Disclosure vulnerability in Samba

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0178 Information Disclosure vulnerability 3.5 Samba
Solaris 11.2 11.2.2.5.0
Solaris 10 SPARC: 119757-33 X86: 119758-33

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2014-0092 Cryptographic Issues vulnerability in GnuTLS

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0092 Cryptographic Issues vulnerability 5.8 GnuTLS
Solaris 10 SPARC: 123938-03 X86: 123939-03
Solaris 11.1 11.1.18.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities in Samba

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2014-0244 Input Validation vulnerability 3.3 Samba
Solaris 11.2 11.2.1.5.0
CVE-2014-3493 Buffer Errors vulnerability 2.7

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple Input Validation vulnerabilities in Apache HTTP Server

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-6438 Input Validation vulnerability 5.0 Apache HTTP Server
Solaris 11.1 11.1.19.6.0
Solaris 10 Patches planned but not yet available
CVE-2014-0098 Input Validation vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.