Red Hat Security Advisory 2014-0414-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory pages, listed in the References section.
5b3fb26a72b3dc5b46c59de7a98419bcfae270b7312d42ac692372308de6f6a1
Mandriva Linux Security Advisory 2014-042 - It was discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A remote attacker could use this flaw to cause the Tomcat server to stop responding, resulting in a denial of service. A frame injection in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. A flaw was found in the way the tomcat6 init script handled the tomcat6-initd.log log file. A malicious web application deployed on Tomcat could use this flaw to perform a symbolic link attack to change the ownership of an arbitrary system file to that of the tomcat user, allowing them to escalate their privileges to root. It was discovered that Tomcat incorrectly handled certain authentication requests. A remote attacker could possibly use this flaw to inject a request that would get executed with a victim's credentials. Note: With this update, tomcat6-initd.log has been moved from /var/log/tomcat6/ to the /var/log/ directory.
899f987c3224ac9faee7d0f8a77e88d81115d42fecc6807eb47c8c4790da5b05
HP Security Bulletin HPSBUX02922 SSRT101305 - Potential security vulnerabilities have been identified in Java5 Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.
504a83d618e734029acfad479193eb73a66f9c4a661b0b418602f9237d2461d7
HP Security Bulletin HPSBUX02908 - Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. Revision 1 of this advisory.
2c32668d8e5c9a198b03b4ff33351ea8b85b647f21ba4a96c3e2a860907e8a6b
HP Security Bulletin HPSBUX02907 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. Revision 1 of this advisory.
66e62742080b7c1654084fad9d12f4e8f66d7fcc5539ac51d77c54a620614e6e
Debian Linux Security Advisory 2727-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.
d4f5c2f1b04861b6443eec45834b6e3d0c817455527f364f468feff87986028c
Ubuntu Security Notice 1908-1 - A vulnerability was discovered in the OpenJDK Javadoc related to data integrity. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and availability. An attacker could exploit this to cause a denial of service or expose sensitive data over the network. Various other issues were also addressed.
c6e86f1288af7e22a761f9d766592dbed8c45c4f2f70fe5359000d1b2b6fc3f9
Red Hat Security Advisory 2013-1081-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
f9129cb7b162f33a50d0586fe43b9ef540311ae9b94fa4fadf255a67472c0415
Ubuntu Security Notice 1907-2 - USN-1907-1 fixed vulnerabilities in OpenJDK 7. Due to upstream changes, IcedTea Web needed an update to work with the new OpenJDK 7. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. CVE-2013-2458) Various other issues were also addressed.
ee7c3dad063c66f3fcb29977ac335a9fccb8ed9c785c0f351c718cd376bc5370
Ubuntu Security Notice 1907-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. A vulnerability was discovered in the OpenJDK Javadoc related to data integrity. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and availability. An attacker could exploit this to cause a denial of service or expose sensitive data over the network. Various other issues were also addressed.
1ad3edd6b52fc4bda88c057fb372ea41602e2d9426e0d7249af965f82f420ff6
Debian Linux Security Advisory 2722-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.
205d6ba45c2ac50e43f376f72ec9f52ae8f2d51b5db211236230f603843dfbef
Mandriva Linux Security Advisory 2013-196 - Updated java-1.6.0-openjdk packages fix multiple security vulnerabilities.
869b68c084c8fd4d72ae353a576a7c8617307bf7360d63d7816d3a7a235ee7d1
Red Hat Security Advisory 2013-1060-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
ee8d21bf3d250b22758d57658b44d4417db7b174c40cba149fa6427c16058940
Red Hat Security Advisory 2013-1059-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
9f6a228046040127622a514b9f1dee514c668e2a2a86fe840ff251b81e09159d
Red Hat Security Advisory 2013-1014-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application.
1ea596445194e8038f13aa4fba7db27eb68b91237da76b94dea648c9dafd2f06
Mandriva Linux Security Advisory 2013-183 - Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities. Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application. Various other issues were addressed.
3bc21ccc47d661daa96394b723e72056e5e5367a29aeae7693f91c800dd74b49
Red Hat Security Advisory 2013-0963-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section.
fa788ed6640724a39a9d27888724662f9a0a62c5a8c9253349f00f832be6d023
Red Hat Security Advisory 2013-0958-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application.
3f77eaf4516bbe12c6edbe2aca993604898a19cfaad97a69e04c200768338d2b
Red Hat Security Advisory 2013-0957-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application.
607e92095834e27b38b0876edb3515b60809151352fdfe7243f233f859b32927
Apple Security Advisory 2013-06-18-1 - Java for OS X 2013-004 and Mac OS X v10.6 Update 16 are now available and addresses multiple vulnerabilities that include arbitrary code execution issues.
f8e9f7d76bd910c50d277b999c12859be24a831c1a38b126a92577609223f014