Sign-up

ID

VAR-201112-0123


CVE

CVE-2011-5035


TITLE

Hash table implementations vulnerable to algorithmic complexity attacks

Trust: 0.8

sources: CERT/CC: VU#903934

DESCRIPTION

Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. Some programming language implementations do not sufficiently randomize their hash functions or provide means to limit key collision attacks, which can be leveraged by an unauthenticated attacker to cause a denial-of-service (DoS) condition. Oracle Glassfish Calculates the hash value of the form parameter without restricting the assumption of hash collision. (CPU Resource consumption ) There is a vulnerability that becomes a condition.A third party can send a large amount of crafted parameters to disrupt service operation. (CPU Resource consumption ) There is a possibility of being put into a state. Oracle GlassFish Server is prone to a denial-of-service vulnerability. An attacker can exploit this issue by sending specially crafted forms in HTTP POST requests. Oracle GlassFish Server 3.1.1 and prior versions are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-04-03-1 Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 is now available and addresses the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3 Impact: Multiple vulnerabilities in Java 1.6.0_29 Description: Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31. Further information is available via the Java website at http://www.o racle.com/technetwork/java/javase/releasenotes-136954.html CVE-ID CVE-2011-3563 CVE-2011-5035 CVE-2012-0497 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507 Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6.dmg Its SHA-1 digest is: f76807153bc0ca253e4a466a2a8c0abf1e180667 For OS X Lion systems The download file is named: JavaForOSX.dmg Its SHA-1 digest is: 176ac1f8e79b4245301e84b616de5105ccd13e16 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJPezVqAAoJEGnF2JsdZQee7gIIALa7b5hVTKL7kOXF7EYT6wjx VnAmxoQbjEwpBkdzPzqqhCQ303/iBdLdHr2O/yxdaX0tFuB+5+4iInPU2t6O+PNh 7iJ3rhQszzIj5q/qGDXyzIQEjurNfvrEKAxQ3T7uj1At+n/9YVBaw8p6i+HopbRc Fo6Jrxy0Qf/MyeGO4lqxht2Aq8omh+pEBNP68EglqrJp/CjZTYGaFAHVGvnm8/gA wjcpIRQBacXcBCJ3K8pZhuQvXhm+GVLWYgc2KGsZ/l7jbQX5Bi67b7CFf7lBHlyd V7ss6N/0T/O3nspdhg+jhnvcaia1Ow3GikC/707NNkM8Dm3lm0DFVMBBgpNvPcU= =Pf96 -----END PGP SIGNATURE----- . Description: This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.4. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment. (CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0873, CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560, CVE-2011-3561, CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507, CVE-2012-0547, CVE-2012-0551, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1541, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-3143, CVE-2012-3159, CVE-2012-3213, CVE-2012-3216, CVE-2012-3342, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089, CVE-2013-0169, CVE-2013-0351, CVE-2013-0401, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1487, CVE-2013-1491, CVE-2013-1493, CVE-2013-1500, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2407, CVE-2013-2412, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2435, CVE-2013-2437, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743) Users of Red Hat Network Satellite Server 5.4 are advised to upgrade to these updated packages, which contain the IBM Java SE 6 SR14 release. Bugs fixed (http://bugzilla.redhat.com/): 706106 - CVE-2011-0865 OpenJDK: Deserialization allows creation of mutable SignedObject (Deserialization, 6618658) 706139 - CVE-2011-0862 OpenJDK: integer overflows in JPEGImageReader and font SunLayoutEngine (2D, 7013519) 706153 - CVE-2011-0867 OpenJDK: NetworkInterface information leak (Networking, 7013969) 706234 - CVE-2011-0869 OpenJDK: unprivileged proxy settings change via SOAPConnection (SAAJ, 7013971) 706241 - CVE-2011-0868 OpenJDK: incorrect numeric type conversion in TransformHelper (2D, 7016495) 706248 - CVE-2011-0871 OpenJDK: MediaTracker created Component instances with unnecessary privileges (Swing, 7020198) 711675 - CVE-2011-0873 Oracle/IBM JDK: unspecified vulnerability fixed in 6u26 (2D) 711676 - CVE-2011-0863 Oracle/IBM JDK: unspecified vulnerability fixed in 6u26 (Deployment) 711677 - CVE-2011-0802 CVE-2011-0814 Oracle/IBM JDK: unspecified vulnerabilities fixed in 6u26 (Sound) 737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) 745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936) 745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600) 745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640) 745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417) 745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823) 745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902) 745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857) 745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466) 745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012) 745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773) 745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794) 747191 - CVE-2011-3545 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Sound) 747198 - CVE-2011-3549 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Swing) 747200 - CVE-2011-3550 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (AWT) 747203 - CVE-2011-3516 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment) 747205 - CVE-2011-3546 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment) 747208 - CVE-2011-3561 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment) 788606 - CVE-2011-5035 OpenJDK: HttpServer no header count limit (Lightweight HTTP Server, 7126960) 788624 - CVE-2012-0501 OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283) 788976 - CVE-2012-0503 OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687) 788994 - CVE-2012-0507 OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299) 789295 - CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367) 789297 - CVE-2012-0502 OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683) 789299 - CVE-2012-0505 OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700) 789300 - CVE-2012-0506 OpenJDK: mutable repository identifiers (CORBA, 7110704) 789301 - CVE-2012-0497 OpenJDK: insufficient checking of the graphics rendering object (2D, 7112642) 790720 - CVE-2012-0498 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D) 790722 - CVE-2012-0499 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D) 790724 - CVE-2012-0500 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (Deployment) 829358 - CVE-2012-1717 OpenJDK: insecure temporary file permissions (JRE, 7143606) 829360 - CVE-2012-1716 OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614) 829361 - CVE-2012-1713 OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617) 829371 - CVE-2012-1719 OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851) 829372 - CVE-2012-1718 OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872) 829376 - CVE-2012-1725 OpenJDK: insufficient invokespecial <init> verification (HotSpot, 7160757) 831353 - CVE-2012-1721 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 831354 - CVE-2012-1722 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 831355 - CVE-2012-0551 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 853097 - CVE-2012-1682 OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476) 853228 - CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201) 859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393) 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919) 867185 - CVE-2012-1531 Oracle JDK: unspecified vulnerability (2D) 867186 - CVE-2012-1532 Oracle JDK: unspecified vulnerability (Deployment) 867187 - CVE-2012-1533 Oracle JDK: unspecified vulnerability (Deployment) 867189 - CVE-2012-3143 Oracle JDK: unspecified vulnerability (JMX) 867190 - CVE-2012-3159 Oracle JDK: unspecified vulnerability (Deployment) 867193 - CVE-2012-5083 Oracle JDK: unspecified vulnerability (2D) 876386 - CVE-2012-4820 IBM JDK: java.lang.reflect.Method invoke() code execution 876388 - CVE-2012-4822 IBM JDK: java.lang.class code execution 876389 - CVE-2012-4823 IBM JDK: java.lang.ClassLoder defineClass() code execution 906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318) 906892 - CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068) 906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972) 906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977) 906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057) 906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325) 906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537) 906914 - CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906916 - CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906917 - CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906918 - CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906921 - CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906923 - CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906933 - CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906935 - CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29) 907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952) 907223 - CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting) 907224 - CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound) 907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX) 907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392) 907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509) 907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528) 907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235) 907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941) 907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071) 907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631) 907458 - CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066) 907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13) 913014 - CVE-2013-1486 OpenJDK: MBeanServer insufficient privilege restrictions (JMX, 8006446) 913030 - CVE-2013-1487 Oracle JDK: unspecified vulnerability fixed in 6u41 and 7u15 (Deployment) 917550 - CVE-2013-0809 OpenJDK: Specially crafted sample model integer overflow (2D, 8007014) 917553 - CVE-2013-1493 OpenJDK: CMM malformed raster memory corruption (2D, 8007675) 920245 - CVE-2013-0401 OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, AWT, 8009305) 920248 - CVE-2013-1491 Oracle JDK: unspecified sanbox bypass (CanSecWest 2013, 2D) 952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040) 952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435) 952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918) 952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667) 952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617) 952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857) 952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329) 952656 - CVE-2013-2419 ICU: Layout Engine font processing errors (JDK 2D, 8001031) 952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724) 952708 - CVE-2013-2383 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004986) 952709 - CVE-2013-2384 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987) 952711 - CVE-2013-1569 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994) 953166 - CVE-2013-1540 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment) 953172 - CVE-2013-1563 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install) 953265 - CVE-2013-2394 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D) 953267 - CVE-2013-2418 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment) 953269 - CVE-2013-2432 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D) 953270 - CVE-2013-2433 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment) 953273 - CVE-2013-2435 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment) 953275 - CVE-2013-2440 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment) 973474 - CVE-2013-1571 OpenJDK: Frame injection in generated HTML (Javadoc, 8012375) 975099 - CVE-2013-2470 OpenJDK: ImagingLib byte lookup processing (2D, 8011243) 975102 - CVE-2013-2471 OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248) 975107 - CVE-2013-2472 OpenJDK: Incorrect ShortBandedRaster size checks (2D, 8011253) 975110 - CVE-2013-2473 OpenJDK: Incorrect ByteBandedRaster size checks (2D, 8011257) 975115 - CVE-2013-2463 OpenJDK: Incorrect image attribute verification (2D, 8012438) 975118 - CVE-2013-2465 OpenJDK: Incorrect image channel verification (2D, 8012597) 975120 - CVE-2013-2469 OpenJDK: Incorrect image layout verification (2D, 8012601) 975121 - CVE-2013-2459 OpenJDK: Various AWT integer overflow checks (AWT, 8009071) 975125 - CVE-2013-2448 OpenJDK: Better access restrictions (Sound, 8006328) 975127 - CVE-2013-2407 OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744) 975129 - CVE-2013-2454 OpenJDK: SerialJavaObject package restriction (JDBC, 8009554) 975131 - CVE-2013-2444 OpenJDK: Resource denial of service (AWT, 8001038) 975132 - CVE-2013-2446 OpenJDK: output stream access restrictions (CORBA, 8000642) 975133 - CVE-2013-2457 OpenJDK: Proper class checking (JMX, 8008120) 975134 - CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124) 975137 - CVE-2013-2443 OpenJDK: AccessControlContext check order issue (Libraries, 8001330) 975138 - CVE-2013-2452 OpenJDK: Unique VMIDs (Libraries, 8001033) 975139 - CVE-2013-2455 OpenJDK: getEnclosing* checks (Libraries, 8007812) 975140 - CVE-2013-2447 OpenJDK: Prevent revealing the local address (Networking, 8001318) 975141 - CVE-2013-2450 OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638) 975142 - CVE-2013-2456 OpenJDK: ObjectOutputStream access checks (Serialization, 8008132) 975144 - CVE-2013-2412 OpenJDK: JConsole SSL support (Serviceability, 8003703) 975146 - CVE-2013-2451 OpenJDK: exclusive port binding (Networking, 7170730) 975148 - CVE-2013-1500 OpenJDK: Insecure shared memory permissions (2D, 8001034) 975757 - CVE-2013-2464 Oracle JDK: unspecified vulnerability fixed in 7u25 (2D) 975761 - CVE-2013-2468 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment) 975764 - CVE-2013-2466 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment) 975767 - CVE-2013-3743 Oracle JDK: unspecified vulnerability fixed in 6u51 and 5u51 (AWT) 975770 - CVE-2013-2442 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment) 975773 - CVE-2013-2437 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment) 6. HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity. CVE-2011-3377 The Iced Tea browser plugin included in the openjdk-6 package does not properly enforce the Same Origin Policy on web content served under a domain name which has a common suffix with the required domain name. CVE-2012-0505 The Java serialization code leaked references to serialization exceptions, possibly leaking critical objects to untrusted code in Java applets and applications. For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 6b24-1.11.1-1. ============================================================================ Ubuntu Security Notice USN-1373-2 March 01, 2012 openjdk-6b18 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: Multiple vulnerabilities in OpenJDK 6 for the ARM architecture have been fixed. Software Description: - openjdk-6b18: Open Source Java implementation Details: USN 1373-1 fixed vulnerabilities in OpenJDK 6 in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04 for all architectures except for ARM (armel). This provides the corresponding OpenJDK 6 update for use with the ARM (armel) architecture in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. A remote attacker could cause a denial of service by sending special requests that trigger hash collisions predictably. This may be increased by adjusting the sun.net.httpserver.maxReqHeaders property. (CVE-2012-0497) It was discovered that an off-by-one error exists in the Java ZIP file processing code. An attacker could us this to cause a denial of service through a maliciously crafted ZIP file. (CVE-2012-0507) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: icedtea-6-jre-cacao 6b18-1.8.13-0ubuntu1~11.04.1 icedtea-6-jre-jamvm 6b18-1.8.13-0ubuntu1~11.04.1 openjdk-6-jre 6b18-1.8.13-0ubuntu1~11.04.1 openjdk-6-jre-headless 6b18-1.8.13-0ubuntu1~11.04.1 openjdk-6-jre-zero 6b18-1.8.13-0ubuntu1~11.04.1 Ubuntu 10.10: icedtea-6-jre-cacao 6b18-1.8.13-0ubuntu1~10.10.1 openjdk-6-jre 6b18-1.8.13-0ubuntu1~10.10.1 openjdk-6-jre-headless 6b18-1.8.13-0ubuntu1~10.10.1 openjdk-6-jre-zero 6b18-1.8.13-0ubuntu1~10.10.1 Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b18-1.8.13-0ubuntu1~10.04.1 openjdk-6-jre 6b18-1.8.13-0ubuntu1~10.04.1 openjdk-6-jre-headless 6b18-1.8.13-0ubuntu1~10.04.1 openjdk-6-jre-zero 6b18-1.8.13-0ubuntu1~10.04.1 After a standard system update you need to restart any Java applications or applets to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03350339 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03350339 Version: 1 HPSBUX02784 SSRT100871 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2012-05-30 Last Updated: 2012-05-29 - ----------------------------------------------------------------------------- Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. References: CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0504, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, B.11.31 running HP JDK and JRE 7.0.0 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2011-3563 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2011-5035 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0497 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0498 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0499 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0500 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0501 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0502 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2012-0503 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0504 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2012-0505 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0506 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2012-0507 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location http://www.hp.com/go/java HP-UX B.11.23, B.11.31 JDK and JRE v7.0.01 or subsequent MANUAL ACTIONS: Yes - Update For Java v7.0.0, update to Java v7.0.01 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.23 HP-UX B.11.31 =========== Jdk70.JDK70-COM Jdk70.JDK70-DEMO Jdk70.JDK70-IPF32 Jdk70.JDK70-IPF64 Jre70.JRE70-COM Jre70.JRE70-IPF32 Jre70.JRE70-IPF32-HS Jre70.JRE70-IPF64 Jre70.JRE70-IPF64-HS action: install revision 1.7.0.01 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) 30 May 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Fix in AtomicReferenceArray (CVE-2011-3571). Multiple unspecified vulnerabilities allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors (CVE-2012-0498. CVE-2012-0499, CVE-2012-0500). Issues with some KeyboardFocusManager method (CVE-2012-0502). Issues with TimeZone class (CVE-2012-0503). Enhance exception throwing mechanism in ObjectStreamClass (CVE-2012-0505). Issues with some method in corba (CVE-2012-0506). The verification of md5 checksums and GPG signatures is performed automatically for you. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Background ========== The Oracle Java Development Kit (JDK) (formerly known as Sun JDK) and the Oracle Java Runtime Environment (JRE) (formerly known as Sun JRE) provide the Oracle Java platform (formerly known as Sun Java Platform). Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages Description =========== Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Impact ====== An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code. Furthermore, a local or remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code. Workaround ========== There is no known workaround at this time. Resolution ========== All Oracle JDK 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51" All Oracle JRE 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51" All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version: # emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51" All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea. NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically. References ========== [ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201401-30.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Multiple Products Web Form Hash Collision Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47819 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47819/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47819 RELEASE DATE: 2012-02-01 DISCUSS ADVISORY: http://secunia.com/advisories/47819/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47819/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47819 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in multiple Oracle products, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within a hash generation function when hashing form posts and updating a hash table. The vulnerability is reported in the following products: * Oracle Application Server 10g Release 3 version 10.1.3.5.0. * Oracle iPlanet Web Server 7.0. * Oracle iPlanet Web Server (formerly Oracle Java System Web Server) 6.1. SOLUTION: Apply patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: java-1.6.0-openjdk security update Advisory ID: RHSA-2012:0322-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0322.html Issue date: 2012-02-21 CVE Names: CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 ===================================================================== 1. Summary: Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could use this flaw to crash the Java Virtual Machine (JVM), or bypass Java sandbox restrictions. (CVE-2012-0497) It was discovered that the exception thrown on deserialization failure did not always contain a proper identification of the cause of the failure. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2012-0505) The AtomicReferenceArray class implementation did not properly check if the array was of the expected Object[] type. A malicious Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2011-3571) It was discovered that the use of TimeZone.setDefault() was not restricted by the SecurityManager, allowing an untrusted Java application or applet to set a new default time zone, and hence bypass Java sandbox restrictions. (CVE-2012-0503) The HttpServer class did not limit the number of headers read from HTTP requests. A remote attacker could use this flaw to make an application using HttpServer use an excessive amount of CPU time via a specially-crafted request. This update introduces a header count limit controlled using the sun.net.httpserver.maxReqHeaders property. The default value is 200. (CVE-2011-5035) The Java Sound component did not properly check buffer boundaries. Malicious input, or an untrusted Java application or applet could use this flaw to cause the Java Virtual Machine (JVM) to crash or disclose a portion of its memory. (CVE-2011-3563) A flaw was found in the AWT KeyboardFocusManager that could allow an untrusted Java application or applet to acquire keyboard focus and possibly steal sensitive information. (CVE-2012-0502) It was discovered that the CORBA (Common Object Request Broker Architecture) implementation in Java did not properly protect repository identifiers on certain CORBA objects. This could have been used to modify immutable object data. (CVE-2012-0506) An off-by-one flaw, causing a stack overflow, was found in the unpacker for ZIP files. A specially-crafted ZIP archive could cause the Java Virtual Machine (JVM) to crash when opened. (CVE-2012-0501) This erratum also upgrades the OpenJDK package to IcedTea6 1.10.6. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 788606 - CVE-2011-5035 OpenJDK: HttpServer no header count limit (Lightweight HTTP Server, 7126960) 788624 - CVE-2012-0501 OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283) 788976 - CVE-2012-0503 OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687) 788994 - CVE-2011-3571 OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299) 789295 - CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367) 789297 - CVE-2012-0502 OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683) 789299 - CVE-2012-0505 OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700) 789300 - CVE-2012-0506 OpenJDK: mutable repository identifiers (CORBA, 7110704) 789301 - CVE-2012-0497 OpenJDK: insufficient checking of the graphics rendering object (2D, 7112642) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-3563.html https://www.redhat.com/security/data/cve/CVE-2011-3571.html https://www.redhat.com/security/data/cve/CVE-2011-5035.html https://www.redhat.com/security/data/cve/CVE-2012-0497.html https://www.redhat.com/security/data/cve/CVE-2012-0501.html https://www.redhat.com/security/data/cve/CVE-2012-0502.html https://www.redhat.com/security/data/cve/CVE-2012-0503.html https://www.redhat.com/security/data/cve/CVE-2012-0505.html https://www.redhat.com/security/data/cve/CVE-2012-0506.html https://access.redhat.com/security/updates/classification/#important http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.6/NEWS http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFPRBvTXlSAg2UNWIIRArkfAJ9B74k5cUjTIZGepTvbu+3kEcMpIgCgo2FR eIi8N5jfo4lIBLPu4EKFpVo= =ChsF -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 3.69

sources: NVD: CVE-2011-5035 // CERT/CC: VU#903934 // JVNDB: JVNDB-2011-003567 // BID: 51194 // VULMON: CVE-2011-5035 // PACKETSTORM: 110181 // PACKETSTORM: 111594 // PACKETSTORM: 123734 // PACKETSTORM: 125556 // PACKETSTORM: 110284 // PACKETSTORM: 110365 // PACKETSTORM: 113170 // PACKETSTORM: 109918 // PACKETSTORM: 124943 // PACKETSTORM: 109353 // PACKETSTORM: 110035

AFFECTED PRODUCTS

vendor:oraclemodel:glassfish serverscope:eqversion:3.0.1

Trust: 2.1

vendor:oraclemodel:glassfish serverscope:eqversion:2.1.1

Trust: 2.1

vendor:oraclemodel:glassfish serverscope:eqversion:3.1.1

Trust: 1.1

vendor:oraclemodel:communications serverscope:eqversion:2.0

Trust: 1.1

vendor:oraclemodel:weblogic serverscope:eqversion:10.3.4

Trust: 1.1

vendor:oraclemodel:weblogic serverscope:eqversion:9.2.4

Trust: 1.1

vendor:oraclemodel:weblogic serverscope:eqversion:10.0.2

Trust: 1.1

vendor:oraclemodel:glassfish serverscope:lteversion:3.1.1

Trust: 1.0

vendor:sunmodel:jre 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 17scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 30scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 18scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 22scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 05scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 28scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 14scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 21scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 20scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 25scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 07scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 18scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 27scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 19scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 17scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 2scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 10scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 2scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 14scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 04scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 04scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 25scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 27scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 15scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 30scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 12scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdkscope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.7

Trust: 0.9

vendor:sunmodel:jre 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 23scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 01scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 1.6.0 19scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 07scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 28scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 23scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 11scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 13scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 05scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 26scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 26scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 21scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 24scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 11scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 10scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdkscope:eqversion:1.7

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 22scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 24scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 13scope:eqversion:1.6

Trust: 0.9

vendor:apache tomcatmodel: - scope: - version: -

Trust: 0.8

vendor:microsoftmodel: - scope: - version: -

Trust: 0.8

vendor:oraclemodel: - scope: - version: -

Trust: 0.8

vendor:rubymodel: - scope: - version: -

Trust: 0.8

vendor:the php groupmodel: - scope: - version: -

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.7.3

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.7.3

Trust: 0.8

vendor:oraclemodel:java system web serverscope:eqversion:6.1

Trust: 0.8

vendor:oraclemodel:application serverscope:eqversion:10g r3 (10.1.3.5.0)

Trust: 0.8

vendor:oraclemodel:iplanet web serverscope:eqversion:7.0

Trust: 0.8

vendor:oraclemodel:jrockitscope:lteversion:27.7.1

Trust: 0.8

vendor:oraclemodel:jrockitscope:lteversion:28.2.2

Trust: 0.8

vendor:oraclemodel:sun java system application serverscope:eqversion:8.1

Trust: 0.8

vendor:oraclemodel:sun java system application serverscope:eqversion:8.2

Trust: 0.8

vendor:oraclemodel:weblogic serverscope:eqversion:11gr1 (10.3.3

Trust: 0.8

vendor:oraclemodel:weblogic serverscope:eqversion:10.3.5)

Trust: 0.8

vendor:oraclemodel:weblogic serverscope:eqversion:12cr1 (12.1.1)

Trust: 0.8

vendor:hewlett packardmodel:hp xp p9000 performance advisor softwarescope:lteversion:5.4.1

Trust: 0.8

vendor:hitachimodel:cosminexus application serverscope:eqversion:enterprise version 6

Trust: 0.8

vendor:hitachimodel:cosminexus application serverscope:eqversion:standard version 6

Trust: 0.8

vendor:hitachimodel:cosminexus application serverscope:eqversion:version 5

Trust: 0.8

vendor:hitachimodel:cosminexus clientscope:eqversion:version 6

Trust: 0.8

vendor:hitachimodel:cosminexus developerscope:eqversion:light version 6

Trust: 0.8

vendor:hitachimodel:cosminexus developerscope:eqversion:professional version 6

Trust: 0.8

vendor:hitachimodel:cosminexus developerscope:eqversion:standard version 6

Trust: 0.8

vendor:hitachimodel:cosminexus developerscope:eqversion:version 5

Trust: 0.8

vendor:hitachimodel:cosminexus developer's kit for javascope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus primary serverscope:eqversion:base

Trust: 0.8

vendor:hitachimodel:cosminexus serverscope:eqversion:- standard edition version 4

Trust: 0.8

vendor:hitachimodel:cosminexus serverscope:eqversion:- web edition version 4

Trust: 0.8

vendor:hitachimodel:cosminexus studioscope:eqversion:- standard edition version 4

Trust: 0.8

vendor:hitachimodel:cosminexus studioscope:eqversion:- web edition version 4

Trust: 0.8

vendor:hitachimodel:cosminexus studioscope:eqversion:version 5

Trust: 0.8

vendor:hitachimodel:hirdb for java /xmlscope: - version: -

Trust: 0.8

vendor:hitachimodel:developer's kit for javascope: - version: -

Trust: 0.8

vendor:hitachimodel:processing kit for xmlscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:enterprise

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:express

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:light

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:smart edition

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:standard

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:standard-r

Trust: 0.8

vendor:hitachimodel:ucosminexus clientscope:eqversion:none

Trust: 0.8

vendor:hitachimodel:ucosminexus clientscope:eqversion:for plug-in

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:01

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:light

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:professional

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:professional for plug-in

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:standard

Trust: 0.8

vendor:hitachimodel:ucosminexus operatorscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus portal frameworkscope:eqversion:entry set

Trust: 0.8

vendor:hitachimodel:ucosminexus primary serverscope:eqversion:base

Trust: 0.8

vendor:hitachimodel:ucosminexus servicescope:eqversion:architect

Trust: 0.8

vendor:hitachimodel:ucosminexus servicescope:eqversion:platform

Trust: 0.8

vendor:hitachimodel:ucosminexus servicescope:eqversion:platform - messaging

Trust: 0.8

vendor:fujitsumodel:internet navigware serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage application development cycle managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage application framework suitescope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage application serverscope:eqversion:none

Trust: 0.8

vendor:fujitsumodel:interstage application serverscope:eqversion:plus developer / apworks / studio

Trust: 0.8

vendor:fujitsumodel:interstage business application serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage form coordinator workflowscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage job workload serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage list managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage list worksscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage service integratorscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage shunsaku data managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage web serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage xml business activity recorderscope: - version: -

Trust: 0.8

vendor:fujitsumodel:serverviewscope:eqversion:resource orchestrator cloud edition

Trust: 0.8

vendor:fujitsumodel:success serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker availability viewscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker desktop inspectionscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker it change managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker it process masterscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker operation managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker runbook automationscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker service catalog managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker service quality coordinatorscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker software configuration managerscope: - version: -

Trust: 0.8

vendor:sunmodel:jdk 01-b06scope:eqversion:1.6

Trust: 0.6

vendor:sunmodel:jre 1.6.0 2scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 1.6.0 01scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.6.0 20scope: - version: -

Trust: 0.6

vendor:oraclemodel:weblogic serverscope:eqversion:10.3.5.0

Trust: 0.3

vendor:oraclemodel:jrockit r28.2.2scope: - version: -

Trust: 0.3

vendor:ibmmodel:java se sr8 fp1scope:eqversion:6

Trust: 0.3

vendor:sunmodel:java system web server sp9scope:eqversion:6.1

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:susemodel:linux enterprise sdk sp1scope:eqversion:11

Trust: 0.3

vendor:oraclemodel:jrockit r27.6.0-50scope:eqversion:1.5.015

Trust: 0.3

vendor:hitachimodel:processing kit for xmlscope:eqversion:0

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.00scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux as extrasscope:eqversion:4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.10

Trust: 0.3

vendor:sunmodel:jdk 01scope:eqversion:1.6

Trust: 0.3

vendor:hitachimodel:cosminexus studio web editionscope:eqversion:-0

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.02scope: - version: -

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.1

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.06

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:7.0

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:6

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.3

vendor:hitachimodel:cosminexus application server standardscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:java ibm 64-bit sdk for z/osscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.02scope: - version: -

Trust: 0.3

vendor:hpmodel:jdk and jrescope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.1

Trust: 0.3

vendor:sunmodel:java system web server sp7scope:eqversion:6.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.14scope: - version: -

Trust: 0.3

vendor:avayamodel:communication managerscope:eqversion:5.2

Trust: 0.3

vendor:oraclemodel:jrockit r27.6.2scope: - version: -

Trust: 0.3

vendor:oraclemodel:jrockit r27.6.5scope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.3

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.3

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.8

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26scope: - version: -

Trust: 0.3

vendor:oraclemodel:glassfish serverscope:eqversion:1.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.02scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system platform sp2scope:eqversion:6.0

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.10

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.2

Trust: 0.3

vendor:hpmodel:nonstop server j06.13scope: - version: -

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:5.2

Trust: 0.3

vendor:susemodel:linux enterprise server sp4scope:eqversion:10

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:6.1

Trust: 0.3

vendor:oraclemodel:weblogic serverscope:eqversion:12.1.10

Trust: 0.3

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.3

vendor:redhatmodel:enterprise linux extrasscope:eqversion:4

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2010.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.04scope: - version: -

Trust: 0.3

vendor:sunmodel:iplanet web serverscope:eqversion:7.0

Trust: 0.3

vendor:hitachimodel:ucosminexus operatorscope:eqversion:0

Trust: 0.3

vendor:susemodel:linux enterprise server sp2scope:eqversion:11

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.2

Trust: 0.3

vendor:avayamodel:meeting exchange sp2scope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53002.0

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.0.0.52

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.0

Trust: 0.3

vendor:sunmodel:java system application serverscope:eqversion:8.2

Trust: 0.3

vendor:hitachimodel:cosminexus developer standardscope:eqversion:0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.0

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.0

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.00scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.014

Trust: 0.3

vendor:hitachimodel:cosminexus application server enterprisescope:eqversion:0

Trust: 0.3

vendor:hpmodel:nonstop server j06.12.00scope: - version: -

Trust: 0.3

vendor:avayamodel:irscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.2

Trust: 0.3

vendor:oraclemodel:jrockit r27.6.9scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.01scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.011

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.01scope: - version: -

Trust: 0.3

vendor:oraclemodel:jrockit r27.6.3scope: - version: -

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.16scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus client for plug-inscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:java se sr6scope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server j6.0.14.01scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2.2

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.0

Trust: 0.3

vendor:oraclemodel:jrockit r27.1.0scope: - version: -

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.3

Trust: 0.3

vendor:hitachimodel:ucosminexus developerscope:eqversion:010

Trust: 0.3

vendor:redhatmodel:enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:oraclemodel:glassfish serverscope:eqversion:2.0

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1

Trust: 0.3

vendor:oraclemodel:jrockit r28.1.4scope: - version: -

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.1

Trust: 0.3

vendor:hitachimodel:ucosminexus developer lightscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:ucosminexus service platform messagingscope:eqversion:-0

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.02scope: - version: -

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2011

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.10

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.00scope: - version: -

Trust: 0.3

vendor:sunmodel:java system web server sp5scope:eqversion:6.1

Trust: 0.3

vendor:oraclemodel:jrockit r28.0.0scope: - version: -

Trust: 0.3

vendor:avayamodel:meeting exchange sp2scope:eqversion:5.2

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.02scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0.1

Trust: 0.3

vendor:oraclemodel:jrockit r27.6.6scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.00scope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.012

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:hpmodel:nonstop server h06.24.01scope: - version: -

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5.2

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1

Trust: 0.3

vendor:oraclemodel:jrockit r27.6.8scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.25scope: - version: -

Trust: 0.3

vendor:sunmodel:java system web server sp8scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:messaging storage server sp2scope:eqversion:5.2

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.04

Trust: 0.3

vendor:hitachimodel:ucosminexus application server lightscope:eqversion:0

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.00scope: - version: -

Trust: 0.3

vendor:sunmodel:java system web server sp4scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.1

Trust: 0.3

vendor:oraclemodel:jrockit r27.7.1scope: - version: -

Trust: 0.3

vendor:hitachimodel:cosminexus studioscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:sunmodel:java system web server sp10scope:eqversion:6.1

Trust: 0.3

vendor:oraclemodel:glassfish serverscope:eqversion:3.1

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.2

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:11.04

Trust: 0.3

vendor:redhatmodel:enterprise linux ws extrasscope:eqversion:4

Trust: 0.3

vendor:ibmmodel:java se sr9scope:eqversion:6.0.0

Trust: 0.3

vendor:oraclemodel:jrockit r28.1.1scope: - version: -

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.5

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.00scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux es extrasscope:eqversion:4

Trust: 0.3

vendor:avayamodel:message networking sp1scope:eqversion:5.2

Trust: 0.3

vendor:susemodel:linux enterprise server for vmware sp1scope:eqversion:11

Trust: 0.3

vendor:hpmodel:xp p9000 performance advisorscope:neversion:5.5.1

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.010

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.013

Trust: 0.3

vendor:sunmodel:java system web server sp2scope:eqversion:6.1

Trust: 0.3

vendor:oraclemodel:jrockit r27.6.4scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.04scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura system manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:messaging storage server sp3scope:eqversion:5.2

Trust: 0.3

vendor:mandrakesoftmodel:enterprise server x86 64scope:eqversion:5

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.3

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:5.2

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.015

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.24scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.018

Trust: 0.3

vendor:hitachimodel:cosminexus primary server basescope:eqversion:0

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.019

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2010.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.3

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.00scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professional for plug-inscope:eqversion:0

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.03scope: - version: -

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.6

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:java ibm 31-bit sdk for z/osscope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:5

Trust: 0.3

vendor:hpmodel:nonstop server j06.13.01scope: - version: -

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5.1.1

Trust: 0.3

vendor:hpmodel:nonstop server h06.23scope: - version: -

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.3

Trust: 0.3

vendor:mandrakesoftmodel:enterprise serverscope:eqversion:5

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.02scope: - version: -

Trust: 0.3

vendor:ibmmodel:java se sr7scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:communication manager sp3scope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.5

Trust: 0.3

vendor:vmwaremodel:esxscope:eqversion:4.1

Trust: 0.3

vendor:hpmodel:nonstop serverscope:eqversion:6

Trust: 0.3

vendor:oraclemodel:jrockit r28.0.1scope: - version: -

Trust: 0.3

vendor:avayamodel:call management system rscope:eqversion:15.0

Trust: 0.3

vendor:oraclemodel:glassfish server ur1 po1scope:eqversion:1.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.3

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:oraclemodel:weblogic serverscope:eqversion:10.3.3

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.01scope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.04

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.2

Trust: 0.3

vendor:oraclemodel:jrockit r28.1.3scope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.1

Trust: 0.3

vendor:avayamodel:communication managerscope:eqversion:5.1.2

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.10

Trust: 0.3

vendor:oraclemodel:weblogic server 11gr1scope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.04

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.020

Trust: 0.3

vendor:oraclemodel:iplanet webserverscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.1

Trust: 0.3

vendor:hitachimodel:cosminexus studio standard editionscope:eqversion:-0

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.03scope: - version: -

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.1

Trust: 0.3

vendor:susemodel:linux enterprise server sp1scope:eqversion:11

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.3

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.03

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.10

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:oraclemodel:glassfish serverscope:eqversion:2.1

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:6.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.7

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.05

Trust: 0.3

vendor:susemodel:linux enterprise sdk sp2scope:eqversion:11

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.01scope: - version: -

Trust: 0.3

vendor:ibmmodel:java se sr9-fp2scope:eqversion:6.0.0

Trust: 0.3

vendor:sunmodel:java system web serverscope:eqversion:6.1

Trust: 0.3

vendor:oraclemodel:virtual desktop infrastructurescope:eqversion:3.2

Trust: 0.3

vendor:hpmodel:nonstop server j06.15scope: - version: -

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2011

Trust: 0.3

vendor:avayamodel:messaging application serverscope:eqversion:5.2

Trust: 0.3

vendor:oraclemodel:glassfish server ur1scope:eqversion:1.0

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professionalscope:eqversion:0

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.0

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:0

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.02scope: - version: -

Trust: 0.3

vendor:oraclemodel:jrockit r27.6.7scope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.8

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.00scope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.3

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:rational synergyscope:neversion:7.2.0.3

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:oraclemodel:jrockit r27.6.0scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus application server enterprise )scope:eqversion:09-80

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.2

Trust: 0.3

vendor:hitachimodel:cosminexus clientscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:glassfish serverscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.1

Trust: 0.3

vendor:avayamodel:messaging storage server sp1scope:eqversion:5.2

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.02scope: - version: -

Trust: 0.3

vendor:sunmodel:java system web server sp3scope:eqversion:6.1

Trust: 0.3

vendor:oraclemodel:application server 10g r3scope:eqversion:10.1.3.5.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.01scope: - version: -

Trust: 0.3

vendor:avayamodel:communication managerscope:eqversion:5.1

Trust: 0.3

vendor:sunmodel:java system application serverscope:eqversion:8.1

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.01scope: - version: -

Trust: 0.3

vendor:susemodel:linux enterprise java sp1scope:eqversion:11

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.10

Trust: 0.3

vendor:hpmodel:xp p9000 performance advisorscope:eqversion:5.4.1

Trust: 0.3

vendor:hitachimodel:ucosminexus application server smart editionscope:eqversion:0

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.7

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26.01scope: - version: -

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:hitachimodel:cosminexus developer professionalscope:eqversion:0

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.021

Trust: 0.3

vendor:hpmodel:jdk and jrescope:neversion:7.0.1

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:desktop extrasscope:eqversion:4

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura conferencing sp1 standardscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:java se sr5scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.2

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.00scope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.2

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.01scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus primary server basescope:eqversion:0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.016

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.8

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.4

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.00scope: - version: -

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:7

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.07

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.01scope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.1

Trust: 0.3

vendor:avayamodel:call management system rscope:eqversion:16.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.1

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1

Trust: 0.3

vendor:hpmodel:network node manager iscope:eqversion:9.1

Trust: 0.3

vendor:avayamodel:aura system platform sp3scope:eqversion:6.0

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp1scope:eqversion:11

Trust: 0.3

vendor:hitachimodel:ucosminexus service platformscope:eqversion:0

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.2

Trust: 0.3

vendor:sunmodel:jdk 1.6.0 01-b06scope: - version: -

Trust: 0.3

vendor:hitachimodel:cosminexus developer lightscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational synergyscope:eqversion:7.2.0.2

Trust: 0.3

vendor:oraclemodel:virtual desktop infrastructurescope:eqversion:3.3

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.01scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus clientscope:eqversion:0

Trust: 0.3

vendor:avayamodel:conferencing standard editionscope:neversion:7.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.00scope: - version: -

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.03scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk updatescope:eqversion:1.6.017

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:hitachimodel:ucosminexus application server standard-rscope:eqversion:0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:7.0

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.3

vendor:sunmodel:java system web server sp11scope:eqversion:6.1

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.02scope: - version: -

Trust: 0.3

vendor:ibmmodel:rational synergyscope:eqversion:7.1.0.5

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.4

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.2

Trust: 0.3

vendor:sunmodel:java system web server sp1scope:eqversion:6.1

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:avayamodel:communication managerscope:eqversion:5.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.00scope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7

Trust: 0.3

vendor:susemodel:linux enterprise java sp4scope:eqversion:10

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:11.04

Trust: 0.3

vendor:ibmmodel:java se sr1scope:neversion:7

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.02scope: - version: -

Trust: 0.3

vendor:hitachimodel:cosminexus developer no versionscope:eqversion:0

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.02scope: - version: -

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.2

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp1 for sp2scope:eqversion:11

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.03scope: - version: -

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:aura conferencing standardscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:rational synergyscope:neversion:7.1.0.6

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.01scope: - version: -

Trust: 0.3

vendor:sunmodel:java system web server sp6scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.2

Trust: 0.3

vendor:hpmodel:nonstop server h06.25.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.01scope: - version: -

Trust: 0.3

vendor:hitachimodel:cosminexus application server no versionscope:eqversion:0

Trust: 0.3

vendor:oraclemodel:weblogic serverscope:eqversion:10.3.60

Trust: 0.3

vendor:hpmodel:nonstop server h06.27scope: - version: -

Trust: 0.3

vendor:ibmmodel:java se sr10scope:eqversion:6

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.14.02scope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.2

Trust: 0.3

sources: CERT/CC: VU#903934 // BID: 51194 // JVNDB: JVNDB-2011-003567 // NVD: CVE-2011-5035

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2011-5035
value: MEDIUM

Trust: 1.8

CARNEGIE MELLON: VU#903934
value: 10.80

Trust: 0.8

VULMON: CVE-2011-5035
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2011-5035
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.9

sources: CERT/CC: VU#903934 // VULMON: CVE-2011-5035 // JVNDB: JVNDB-2011-003567 // NVD: CVE-2011-5035

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2011-003567 // NVD: CVE-2011-5035

THREAT TYPE

network

Trust: 0.3

sources: BID: 51194

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 51194

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2011-5035

EXPLOIT AVAILABILITY
sources:
            
            
            VULMON: CVE-2011-5035

PATCH
title:HT5228url:http://support.apple.com/kb/ht5228
Trust: 0.8
title:HT1338url:http://support.apple.com/kb/ht1338?viewlocale=ja_jp
Trust: 0.8
title:HT5228url:http://support.apple.com/kb/ht5228?viewlocale=ja_jp
Trust: 0.8
title:HS12-007url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-007/index.html
Trust: 0.8
title:HPSBST02955 SSRT101157url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en&cc=us&objectid=c04047415
Trust: 0.8
title:Text Form of Oracle Critical Patch Update - January 2013 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpujan2013verbose-1897756.html
Trust: 0.8
title:Oracle Critical Patch Update Advisory - April 2012url:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
Trust: 0.8
title:Oracle Critical Patch Update Advisory - January 2012url:http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
Trust: 0.8
title:Oracle Critical Patch Update Advisory - January 2013url:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
Trust: 0.8
title:Oracle Security Alert for CVE-2011-5035url:http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html
Trust: 0.8
title:RHSA-2013:1455url:http://rhn.redhat.com/errata/rhsa-2013-1455.html
Trust: 0.8
title:January 2012 Critical Patch Update Releasedurl:http://blogs.oracle.com/security/entry/january_2012_critical_patch_update
Trust: 0.8
title:January 2013 Critical Patch Update Releasedurl:https://blogs.oracle.com/security/entry/january_2013_critical_patch_update
Trust: 0.8
title:interstage_as_201201url:http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201201.html
Trust: 0.8
title:HS12-007url:http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-007/index.html
Trust: 0.8
title:Red Hat: Important: java-1.6.0-openjdk security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20120322 - security advisory
Trust: 0.1
title:Red Hat: Critical: java-1.6.0-openjdk security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20120135 - security advisory
Trust: 0.1
title:Red Hat: Critical: java-1.6.0-sun security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20120139 - security advisory
Trust: 0.1
title:Red Hat: Critical: java-1.6.0-ibm security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20120514 - security advisory
Trust: 0.1
title:Ubuntu Security Notice: openjdk-6b18 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=usn-1373-2
Trust: 0.1
title:Ubuntu Security Notice: openjdk-6 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=usn-1373-1
Trust: 0.1
title:Amazon Linux AMI: ALAS-2012-043url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=alas-2012-043
Trust: 0.1
title:Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20131455 - security advisory
Trust: 0.1
title:Threatposturl:https://threatpost.com/oracle-patches-88-vulnerabilities-including-some-allow-remote-exploits-without-authentication/76457/
Trust: 0.1
title:welivesecurityurl:https://www.welivesecurity.com/2012/04/05/mac-flashback-trojan-java-update/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2011-5035 // 
            
            
            
            JVNDB: JVNDB-2011-003567

EXTERNAL IDS
db:NVDid:CVE-2011-5035
Trust: 3.3
db:CERT/CCid:VU#903934
Trust: 2.7
db:OCERTid:OCERT-2011-003
Trust: 2.2
db:SECUNIAid:48589
Trust: 1.1
db:SECUNIAid:57126
Trust: 1.1
db:SECUNIAid:48073
Trust: 1.1
db:SECUNIAid:48074
Trust: 1.1
db:SECUNIAid:48950
Trust: 1.1
db:JVNDBid:JVNDB-2011-003567
Trust: 0.8
db:BIDid:51194
Trust: 0.4
db:HITACHIid:HS12-007
Trust: 0.3
db:SECUNIAid:47819
Trust: 0.2
db:EXPLOIT-DBid:2012
Trust: 0.1
db:VULMONid:CVE-2011-5035
Trust: 0.1
db:PACKETSTORMid:110181
Trust: 0.1
db:PACKETSTORMid:111594
Trust: 0.1
db:PACKETSTORMid:123734
Trust: 0.1
db:PACKETSTORMid:125556
Trust: 0.1
db:PACKETSTORMid:110284
Trust: 0.1
db:PACKETSTORMid:110365
Trust: 0.1
db:PACKETSTORMid:113170
Trust: 0.1
db:PACKETSTORMid:109918
Trust: 0.1
db:PACKETSTORMid:124943
Trust: 0.1
db:PACKETSTORMid:109353
Trust: 0.1
db:PACKETSTORMid:110035
Trust: 0.1
sources:
            
            
            CERT/CC: VU#903934 // 
            
            
            
            VULMON: CVE-2011-5035 // 
            
            
            
            BID: 51194 // 
            
            
            
            JVNDB: JVNDB-2011-003567 // 
            
            
            
            PACKETSTORM: 110181 // 
            
            
            
            PACKETSTORM: 111594 // 
            
            
            
            PACKETSTORM: 123734 // 
            
            
            
            PACKETSTORM: 125556 // 
            
            
            
            PACKETSTORM: 110284 // 
            
            
            
            PACKETSTORM: 110365 // 
            
            
            
            PACKETSTORM: 113170 // 
            
            
            
            PACKETSTORM: 109918 // 
            
            
            
            PACKETSTORM: 124943 // 
            
            
            
            PACKETSTORM: 109353 // 
            
            
            
            PACKETSTORM: 110035 // 
            
            
            
            NVD: CVE-2011-5035

REFERENCES
url:http://www.ocert.org/advisories/ocert-2011-003.html
Trust: 2.2
url:http://www.nruns.com/_downloads/advisory28122011.pdf
Trust: 2.2
url:http://www.kb.cert.org/vuls/id/903934
Trust: 1.9
url:http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
Trust: 1.4
url:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
Trust: 1.4
url:http://rhn.redhat.com/errata/rhsa-2013-1455.html
Trust: 1.2
url:https://github.com/firefart/hashcollision-dos-poc/blob/master/hashtablepoc.py
Trust: 1.1
url:http://secunia.com/advisories/48589
Trust: 1.1
url:http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
Trust: 1.1
url:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
Trust: 1.1
url:http://secunia.com/advisories/48950
Trust: 1.1
url:http://www.mandriva.com/security/advisories?name=mdvsa-2013:150
Trust: 1.1
url:http://www.debian.org/security/2012/dsa-2420
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=139344343412337&w=2
Trust: 1.1
url:http://secunia.com/advisories/57126
Trust: 1.1
url:http://security.gentoo.org/glsa/glsa-201406-32.xml
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=134254957702612&w=2
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=133364885411663&w=2
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=133847939902305&w=2
Trust: 1.1
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16908
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=134254866602253&w=2
Trust: 1.1
url:http://rhn.redhat.com/errata/rhsa-2012-0514.html
Trust: 1.1
url:http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html
Trust: 1.1
url:http://secunia.com/advisories/48073
Trust: 1.1
url:http://secunia.com/advisories/48074
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5035
Trust: 0.9
url:https://nvd.nist.gov/vuln/detail/cve-2011-5035
Trust: 0.9
url:http://www.cs.rice.edu/~scrosby/hash/crosbywallach_usenixsec2003.pdf
Trust: 0.8
url:http://technet.microsoft.com/en-us/security/bulletin/ms11-100.mspx
Trust: 0.8
url:http://blogs.technet.com/b/srd/archive/2011/12/27/more-information-about-the-december-2011-asp-net-vulnerability.aspx
Trust: 0.8
url:http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/391606
Trust: 0.8
url:http://www.ipa.go.jp/security/ciadr/vul/20120106-web.html
Trust: 0.8
url:http://jvn.jp/cert/jvnvu903934
Trust: 0.8
url:http://jvn.jp/cert/jvnvu514315/
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5035
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2012-0505
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2012-0497
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2012-0503
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2012-0501
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2011-3563
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2012-0506
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2012-0502
Trust: 0.8
url:http://www.ibm.com/developerworks/java/jdk/alerts/
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2012-0507
Trust: 0.6
url:http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
Trust: 0.5
url:http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html
Trust: 0.4
url:https://nvd.nist.gov/vuln/detail/cve-2012-0499
Trust: 0.4
url:https://nvd.nist.gov/vuln/detail/cve-2012-0500
Trust: 0.4
url:https://nvd.nist.gov/vuln/detail/cve-2012-0498
Trust: 0.4
url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03350339
Trust: 0.3
url:http://www.oracle.com/us/products/middleware/application-server/oracle-glassfish-server/index.html
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=swg1pm59971
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=swg1pm59978
Trust: 0.3
url:http://support.avaya.com/css/p8/documents/100159245
Trust: 0.3
url:http://downloads.avaya.com/css/p8/documents/100160575
Trust: 0.3
url:https://downloads.avaya.com/css/p8/documents/100160941
Trust: 0.3
url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03254184&ac.admitted=1332960372864.876444892.199480143
Trust: 0.3
url:http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03254184&ac.admitted=1333452463922.876444892.492883150
Trust: 0.3
url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-007/index.html
Trust: 0.3
url:http://www.ubuntu.com/usn/usn-1373-1
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2011-3563.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2012-0497.html
Trust: 0.2
url:https://www.redhat.com/mailman/listinfo/rhsa-announce
Trust: 0.2
url:https://access.redhat.com/security/team/key/#package
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2012-0503.html
Trust: 0.2
url:https://access.redhat.com/security/team/contact/
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2012-0506.html
Trust: 0.2
url:http://bugzilla.redhat.com/):
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2012-0501.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2012-0502.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2011-5035.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2012-0505.html
Trust: 0.2
url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2012-0504
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2011-3571
Trust: 0.2
url:https://cwe.mitre.org/data/definitions/20.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.securityfocus.com/bid/51194
Trust: 0.1
url:https://access.redhat.com/errata/rhsa-2012:0322
Trust: 0.1
url:https://usn.ubuntu.com/1373-2/
Trust: 0.1
url:https://www.exploit-db.com/exploits/2012/
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=25553
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/openjdk-6/6b23~pre11-0ubuntu1.11.10.2
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/openjdk-6/6b22-1.10.6-0ubuntu1
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/openjdk-6/6b20-1.9.13-0ubuntu1~10.10.1
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/openjdk-6/6b20-1.9.13-0ubuntu1~10.04.1
Trust: 0.1
url:http://www.apple.com/support/downloads/
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:http://support.apple.com/kb/ht1222
Trust: 0.1
url:http://www.o
Trust: 0.1
url:http://gpgtools.org
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2468.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-0873.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3548.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1540.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1476.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2463.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2446.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3521
Trust: 0.1
url:https://access.redhat.com/site/articles/11258
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1500.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0428.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1480.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3556.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2419.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3546
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0401.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2444.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0425.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2454.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-5089.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3551.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1722.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-5079.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-0500.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0419.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3389.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2422.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3561.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1721.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-5081.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0409.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-5071.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-0863.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0423.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1532.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-3216.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-5069.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-0499.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0862
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-0867.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-5084.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0443.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-0507.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2451.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3552.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0809.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1487.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0351.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-0814.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3547.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-4820.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3549
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0427.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0433.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1493.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1569.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-5073.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3554.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-4823.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2435.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2456.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-3743.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3549.html
Trust: 0.1
url:https://access.redhat.com/security/updates/classification/#low
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2407.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3553
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3516.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-0871.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3554
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2470.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-5068.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1541.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-0868.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3389
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-4822.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0873
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-3159.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1557.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-5075.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2471.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2429.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3548
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3521.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3551
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2443.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1713.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3547
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-3213.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0441.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2457.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2412.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-5072.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3553.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1718.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0432.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0446.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1481.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1537.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1717.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3545
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1531.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2432.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2447.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-0802.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2452.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-0865.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0450.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3516
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3545.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1491.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2464.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-0862.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1571.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2383.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2418.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3561
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1473.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3556
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-0547.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1563.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2465.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2472.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2466.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2424.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2453.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3544.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0867
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2473.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2433.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2437.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1716.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-5083.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1533.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-3342.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0869
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0426.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2450.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3560.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3550
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3557.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-3143.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0440.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1725.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0865
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2417.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0445.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2394.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2455.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-0498.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1682.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2442.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2459.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2430.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3560
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3546.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0442.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-0551.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0424.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3552
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3544
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-0869.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2448.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0863
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1719.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3550.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1486.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3557
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2384.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0169.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2469.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0438.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0871
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0868
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-1478.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0435.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-0434.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0802
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0814
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2420.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2440.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-2204
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2008-2370
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2008-0002
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2009-3548
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-2526
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2009-2902
Trust: 0.1
url:http://www.hp.com
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0534
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-3718
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2007-6286
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2007-5333
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3190
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2007-5342
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2009-2693
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2007-5461
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-2227
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2008-1232
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-5063
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2008-1947
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-1184
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-5064
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-4172
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-2481
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-5062
Trust: 0.1
url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
Trust: 0.1
url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-0013
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2010-1157
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-2729
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2009-2901
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3377
Trust: 0.1
url:http://www.debian.org/security/faq
Trust: 0.1
url:http://www.debian.org/security/
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.13-0ubuntu1~10.10.1
Trust: 0.1
url:http://www.ubuntu.com/usn/usn-1373-2
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.13-0ubuntu1~11.04.1
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.13-0ubuntu1~10.04.1
Trust: 0.1
url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
Trust: 0.1
url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/
Trust: 0.1
url:https://www.hp.com/go/swa
Trust: 0.1
url:http://www.hp.com/go/java
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0497
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3571
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0505
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0500
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3563
Trust: 0.1
url:http://www.mandriva.com/security/
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0498
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0499
Trust: 0.1
url:http://www.mandriva.com/security/advisories
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0503
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0506
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0502
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0501
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0507
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5870
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0419
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1558
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5818
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1541
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5889
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0449
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2440
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1540
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0385
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2427
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2437
Trust: 0.1
url:http://creativecommons.org/licenses/by-sa/2.5
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0445
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0500
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2468
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3743
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0422
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5893
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3159
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3174
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5888
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0437
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1541
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0373
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0351
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1563
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5789
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0504
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1682
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5899
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5801
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5832
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5848
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0428
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0415
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1719
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1533
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2400
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1564
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3143
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0448
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0438
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5810
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5905
Trust: 0.1
url:http://security.gentoo.org/glsa/glsa-201401-30.xml
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5904
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5831
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0422
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3744
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5854
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2394
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0498
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5852
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5777
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0547
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0499
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0409
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1532
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2428
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4681
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2462
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5083
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0375
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2439
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2416
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3136
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0376
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5824
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3342
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5776
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1531
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0417
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1723
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5819
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1722
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5895
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2466
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0403
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0446
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2418
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5788
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0416
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0424
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1473
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5887
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0418
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0410
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0368
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1717
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2425
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1722
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5902
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2432
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0387
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1716
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1533
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2438
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1721
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0382
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5812
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3213
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5846
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1718
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5775
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5787
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5898
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1531
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1481
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2433
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5844
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5906
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1711
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1532
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1561
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2435
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1491
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5910
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1487
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1713
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5907
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5896
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5843
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5067
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1682
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2414
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2467
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5079
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0411
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1721
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797
Trust: 0.1
url:http://security.gentoo.org/
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1479
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2434
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2442
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2464
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5878
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0408
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0402
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5838
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0430
Trust: 0.1
url:https://bugs.gentoo.org.
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5088
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089
Trust: 0.1
url:http://secunia.com/company/jobs/
Trust: 0.1
url:http://secunia.com/vulnerability_intelligence/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/advisories/47819/
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=47819
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/47819/#comments
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
url:https://access.redhat.com/kb/docs/doc-11259
Trust: 0.1
url:http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.6/news
Trust: 0.1
url:https://access.redhat.com/security/updates/classification/#important
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2011-3571.html
Trust: 0.1
url:https://rhn.redhat.com/errata/rhsa-2012-0322.html
Trust: 0.1
sources:
            
            
            CERT/CC: VU#903934 // 
            
            
            
            VULMON: CVE-2011-5035 // 
            
            
            
            BID: 51194 // 
            
            
            
            JVNDB: JVNDB-2011-003567 // 
            
            
            
            PACKETSTORM: 110181 // 
            
            
            
            PACKETSTORM: 111594 // 
            
            
            
            PACKETSTORM: 123734 // 
            
            
            
            PACKETSTORM: 125556 // 
            
            
            
            PACKETSTORM: 110284 // 
            
            
            
            PACKETSTORM: 110365 // 
            
            
            
            PACKETSTORM: 113170 // 
            
            
            
            PACKETSTORM: 109918 // 
            
            
            
            PACKETSTORM: 124943 // 
            
            
            
            PACKETSTORM: 109353 // 
            
            
            
            PACKETSTORM: 110035 // 
            
            
            
            NVD: CVE-2011-5035

CREDITS
Alexander Klink, n.runs AG and Julian Waumllde, Technische Universit Darmstadt
Trust: 0.3
sources:
            
            
            BID: 51194

SOURCES
db:CERT/CCid:VU#903934
db:VULMONid:CVE-2011-5035
db:BIDid:51194
db:JVNDBid:JVNDB-2011-003567
db:PACKETSTORMid:110181
db:PACKETSTORMid:111594
db:PACKETSTORMid:123734
db:PACKETSTORMid:125556
db:PACKETSTORMid:110284
db:PACKETSTORMid:110365
db:PACKETSTORMid:113170
db:PACKETSTORMid:109918
db:PACKETSTORMid:124943
db:PACKETSTORMid:109353
db:PACKETSTORMid:110035
db:NVDid:CVE-2011-5035

LAST UPDATE DATE
2024-05-04T20:13:45.178000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#903934date:2016-02-15T00:00:00
db:VULMONid:CVE-2011-5035date:2018-01-06T00:00:00
db:BIDid:51194date:2015-04-13T21:24:00
db:JVNDBid:JVNDB-2011-003567date:2015-03-06T00:00:00
db:NVDid:CVE-2011-5035date:2018-01-06T02:29:26.690

SOURCES RELEASE DATE
db:CERT/CCid:VU#903934date:2011-12-28T00:00:00
db:VULMONid:CVE-2011-5035date:2011-12-30T00:00:00
db:BIDid:51194date:2011-12-29T00:00:00
db:JVNDBid:JVNDB-2011-003567date:2012-01-04T00:00:00
db:PACKETSTORMid:110181date:2012-02-24T22:58:36
db:PACKETSTORMid:111594date:2012-04-05T01:14:57
db:PACKETSTORMid:123734date:2013-10-23T22:57:57
db:PACKETSTORMid:125556date:2014-03-06T02:39:08
db:PACKETSTORMid:110284date:2012-02-29T16:03:17
db:PACKETSTORMid:110365date:2012-03-02T03:55:14
db:PACKETSTORMid:113170date:2012-06-01T00:12:35
db:PACKETSTORMid:109918date:2012-02-18T03:25:35
db:PACKETSTORMid:124943date:2014-01-27T18:30:13
db:PACKETSTORMid:109353date:2012-02-02T03:30:52
db:PACKETSTORMid:110035date:2012-02-22T02:10:34
db:NVDid:CVE-2011-5035date:2011-12-30T01:55:01.640