CVE-2012-0814 Credentials Management vulnerability in SSH

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-0814 Credentials Management vulnerability 3.5 SSH
Solaris 10 Contact Support
Solaris 11.1 11.1.7.5.0
Solaris 9 Contact Support

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities (more...)

Lucky Thirteen vulnerability in Solaris OpenSSL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-0166 Cryptographic Issues vulnerability 5.0 OpenSSL
Solaris 10 Contact Support
Solaris 11 11.1.7.5.0
Solaris 9 Contact Support
CVE-2013-0169 Cryptographic Issues vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's (more...)

Multiple Permissions, Privileges, and Access Control vulnerabilities in Sudo

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1775 Permissions, Privileges, and Access Control vulnerability 6.9 Sudo
Solaris 11.1 11.1.7.5.0
CVE-2013-1776 Permissions, Privileges, and Access Control vulnerability 4.4

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product (more...)

CVE-2012-5134 Buffer Overflow vulnerability in libxml2

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5134 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 6.8 libxml2
Solaris 10 Contact Support
Solaris 11.1 11.1.7.5.0
Solaris 9 Contact Support

This notification describes vulnerabilities fixed in third-party components that (more...)

CVE-2013-0338 Denial of Service (DoS) vulnerability in libxml2

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-0338 Denial of Service (DoS) vulnerability 4.3 libxml2
Solaris 10 Contact Support
Solaris 11.1 11.1.7.5.0
Solaris 9 Contact Support

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information (more...)

CVE-2012-5526 Configuration vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5526 Configuration vulnerability 5.0 Perl
Solaris 11.1 11.1.7.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-5195 Heap Buffer Overrun vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5195 Heap Buffer Overrun vulnerability 5.1 Perl
Solaris 11.1 11.1.7.5.0

Oracle acknowledges with thanks, Ricardo Signes from cpan.org for bringing this issue to our attention.

This notification describes vulnerabilities fixed in third-party components that (more...)

CVE-2012-5667 Heap Buffer Overflow vulnerability in GNU Grep

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-5667 Heap Buffer Overflow vulnerability 4.4 GNU Grep
Solaris 10 Contact Support
Solaris 11.1 11.1.7.5.0
Solaris 9 Contact Support

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information (more...)

CVE-2012-6329 Code Injection vulnerability in Perl 5.8

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-6329 Code Injection vulnerability 7.5 Perl 5.8
Solaris 11.1 11.1.7.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

CVE-2012-6329 Code Injection vulnerability in Perl

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-6329 Code Injection vulnerability 7.5 Perl
Solaris 11.1 11.1.7.5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Multiple vulnerabilities fixed in Wireshark 1.8.4

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-6052 Information Exposure vulnerability 5.0 Wireshark
Solaris 11.1 11.1.7.5.0
CVE-2012-6053 Numeric Errors vulnerability 5.0
CVE-2012-6054 Numeric Errors vulnerability 5.0
CVE-2012-6055 Numeric Errors vulnerability 5.0
CVE-2012-6056 Numeric Errors vulnerability 5.0
CVE-2012-6057 Numeric (more...)

CVE-2013-1667 Denial of Service (DoS) vulnerability in Perl 5.16

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1667 Denial of Service (DoS) vulnerability 7.5 Perl 5.16
Solaris 11.1 11.1.7.5.0

Oracle acknowledges with thanks, Ricardo Signes from cpan.org for bringing this issue to our attention.

This notification describes vulnerabilities fixed in (more...)

CVE-2013-1667 Denial of Service (DoS) vulnerability in Perl 5.12

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1667 Denial of Service (DoS) vulnerability 7.5 Perl 5.12
Solaris 11.1 11.1.7.5.0

Oracle acknowledges with thanks, Ricardo Signes from cpan.org for bringing this issue to our attention.

This notification describes vulnerabilities fixed in (more...)

CVE-2013-1667 Denial of Service (DoS) vulnerability in Perl 5.8

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-1667 Denial of Service (DoS) vulnerability 7.5 Perl 5.8
Solaris 10 SPARC: 148561-04 X86: 148562-04
Solaris 11.1 11.1.7.5.0

Oracle acknowledges with thanks, Ricardo Signes from cpan.org for bringing this issue to our attention.

(more...)

Multiple vulnerabilities in Samba Web Administration Tool (SWAT)

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-0213 Clickjacking vulnerability 2.9 Samba
Solaris 11.1 Contact Support
Solaris 10 SPARC: 119757-27 X86: 119758-27
CVE-2013-0214 Cross-site request forgery (CSRF) vulnerability 2.9

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information (more...)

Algorithmic complexity vulnerability in Apache Ant

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2012-2098 Algorithmic complexity vulnerability 5.0 Apache Ant
Solaris 11.1 11.1.3.4
Solaris 10 SPARC: 144994-02 144996-02 X86: 144995-02 144997-02

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities (more...)

CVE-2013-0255 Array Index error vulnerability in PostgreSQL

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2013-0255 Array Index error vulnerability 6.8 PostgreSQL
Solaris 10 SPARC: 138822-12 138826-12 138824-12 X86: 138823-12 138827-12 138825-12

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be (more...)

Multiple cross-site scripting (XSS) vulnerabilities in JFreeChart

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2007-6306 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 JFreeChart
Solaris Cluster 3.2 Contact Support
Solaris Cluster 3.3 SPARC: 150100-01 149432-02 X86: 150101-01 149433-02
CVE-2007-6307 Improper Neutralization of Input During Web Page Generation ('Cross-site (more...)

CVE-2008-4316 Numeric Errors vulnerability in Glib

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2008-4316 Numeric Errors vulnerability 4.6 GLib
Solaris 10 SPARC: 149112-01 X86: 149113-01

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch (more...)

CVE-2011-3970 Denial of Service (DoS) vulnerability in libxslt

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-3970 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 5.0 libxslt
Solaris 10 SPARC: 125731-09 X86: 125732-09

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.