Multiple vulnerabilities in Oracle Java Web Console

Posted by RitwikGhoshal on Oracle Blogs See other posts from Oracle Blogs or by RitwikGhoshal
Published on Wed, 19 Sep 2012 02:13:47 +0000 Indexed on 2012/09/19 3:45 UTC
Read the original article Hit count: 385

Filed under:
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2007-5333 Information Exposure vulnerability 5.0 Apache Tomcat
Solaris 10 SPARC: 147673-04 X86: 147674-04
CVE-2007-5342 Permissions, Privileges, and Access Controls vulnerability 6.4
CVE-2007-6286 Request handling vulnerability 4.3
CVE-2008-0002 Information disclosure vulnerability 5.8
CVE-2008-1232 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3
CVE-2008-1947 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3
CVE-2008-2370 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.0
CVE-2008-2938 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 4.3
CVE-2008-5515 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.0
CVE-2009-0033 Improper Input Validation vulnerability 5.0
CVE-2009-0580 Information Exposure vulnerability 4.3
CVE-2009-0781 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3
CVE-2009-0783 Information Exposure vulnerability 4.6
CVE-2009-2693 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.8
CVE-2009-2901 Permissions, Privileges, and Access Controls vulnerability 4.3
CVE-2009-2902 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 4.3
CVE-2009-3548 Credentials Management vulnerability 7.5
CVE-2010-1157 Information Exposure vulnerability 2.6
CVE-2010-2227 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 6.4
CVE-2010-3718 Directory traversal vulnerability 1.2
CVE-2010-4172 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3
CVE-2010-4312 Configuration vulnerability 6.4
CVE-2011-0013 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3
CVE-2011-0534 Resource Management Errors vulnerability 5.0
CVE-2011-1184 Permissions, Privileges, and Access Controls vulnerability 5.0
CVE-2011-2204 Information Exposure vulnerability 1.9
CVE-2011-2526 Improper Input Validation vulnerability 4.4
CVE-2011-3190 Permissions, Privileges, and Access Controls vulnerability 7.5
CVE-2011-4858 Resource Management Errors vulnerability 5.0
CVE-2011-5062 Permissions, Privileges, and Access Controls vulnerability 5.0
CVE-2011-5063 Improper Authentication vulnerability 4.3
CVE-2011-5064 Cryptographic Issues vulnerability 4.3
CVE-2012-0022 Numeric Errors vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

© Oracle Blogs or respective owner

Multiple vulnerabilities in Oracle Java Web Console

Posted by RitwikGhoshal on Oracle Blogs See other posts from Oracle Blogs or by RitwikGhoshal
Published on Wed, 19 Sep 2012 01:58:59 +0000 Indexed on 2012/09/19 3:45 UTC
Read the original article Hit count: 385

Filed under:
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution
CVE-2011-0534 Resource Management Errors vulnerability 5.0 Apache Tomcat
Solaris 10 SPARC: 147673-04 X86: 147674-04
CVE-2011-1184 Permissions, Privileges, and Access Controls vulnerability 5.0
CVE-2011-2204 Information Exposure vulnerability 1.9
CVE-2011-2526 Improper Input Validation vulnerability 4.4
CVE-2011-2729 Permissions, Privileges, and Access Controls vulnerability 5.0
CVE-2011-3190 Permissions, Privileges, and Access Controls vulnerability 7.5
CVE-2011-3375 Information Exposure vulnerability 5.0
CVE-2011-4858 Resource Management Errors vulnerability 5.0
CVE-2011-5062 Permissions, Privileges, and Access Controls vulnerability 5.0
CVE-2011-5063 Improper Authentication vulnerability 4.3
CVE-2011-5064 Cryptographic Issues vulnerability 4.3
CVE-2012-0022 Numeric Errors vulnerability 5.0

This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

© Oracle Blogs or respective owner

Related posts about /Alerts