rhsa-2014_0982
Vulnerability from csaf_redhat
Published
2014-07-29 15:40
Modified
2024-11-05 18:32
Summary
Red Hat Security Advisory: Red Hat Network Satellite server IBM Java Runtime security update
Notes
Topic
Updated java-1.6.0-ibm packages that fix several security issues are now
available for Red Hat Network Satellite Server 5.4, 5.5, and 5.6.
The Red Hat Security Response Team has rated this update as having Low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
This update corrects several security vulnerabilities in the IBM Java
Runtime Environment shipped as part of Red Hat Network Satellite Server
5.4, 5.5, and 5.6. In a typical operating environment, these are of low
security risk as the runtime is not used on untrusted applets.
Several flaws were fixed in the IBM Java 2 Runtime Environment.
(CVE-2013-5878, CVE-2013-5884, CVE-2013-5887, CVE-2013-5888, CVE-2013-5889,
CVE-2013-5896, CVE-2013-5898, CVE-2013-5899, CVE-2013-5907, CVE-2013-5910,
CVE-2013-6629, CVE-2013-6954, CVE-2014-0368, CVE-2014-0373, CVE-2014-0375,
CVE-2014-0376, CVE-2014-0387, CVE-2014-0403, CVE-2014-0410, CVE-2014-0411,
CVE-2014-0415, CVE-2014-0416, CVE-2014-0417, CVE-2014-0422, CVE-2014-0423,
CVE-2014-0424, CVE-2014-0428, CVE-2014-0429, CVE-2014-0446, CVE-2014-0449,
CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0457, CVE-2014-0458,
CVE-2014-0460, CVE-2014-0461, CVE-2014-0878, CVE-2014-1876, CVE-2014-2398,
CVE-2014-2401, CVE-2014-2409, CVE-2014-2412, CVE-2014-2414, CVE-2014-2420,
CVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428)
Users of Red Hat Network Satellite Server 5.4, 5.5, and 5.6 are advised to
upgrade to these updated packages, which contain the IBM Java SE 6 SR16
release. For this update to take effect, Red Hat Network Satellite Server
must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all
running instances of IBM Java.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.6.0-ibm packages that fix several security issues are now\navailable for Red Hat Network Satellite Server 5.4, 5.5, and 5.6.\n\nThe Red Hat Security Response Team has rated this update as having Low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "This update corrects several security vulnerabilities in the IBM Java\nRuntime Environment shipped as part of Red Hat Network Satellite Server\n5.4, 5.5, and 5.6. In a typical operating environment, these are of low\nsecurity risk as the runtime is not used on untrusted applets.\n\nSeveral flaws were fixed in the IBM Java 2 Runtime Environment.\n(CVE-2013-5878, CVE-2013-5884, CVE-2013-5887, CVE-2013-5888, CVE-2013-5889,\nCVE-2013-5896, CVE-2013-5898, CVE-2013-5899, CVE-2013-5907, CVE-2013-5910,\nCVE-2013-6629, CVE-2013-6954, CVE-2014-0368, CVE-2014-0373, CVE-2014-0375,\nCVE-2014-0376, CVE-2014-0387, CVE-2014-0403, CVE-2014-0410, CVE-2014-0411,\nCVE-2014-0415, CVE-2014-0416, CVE-2014-0417, CVE-2014-0422, CVE-2014-0423,\nCVE-2014-0424, CVE-2014-0428, CVE-2014-0429, CVE-2014-0446, CVE-2014-0449,\nCVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0457, CVE-2014-0458,\nCVE-2014-0460, CVE-2014-0461, CVE-2014-0878, CVE-2014-1876, CVE-2014-2398,\nCVE-2014-2401, CVE-2014-2409, CVE-2014-2412, CVE-2014-2414, CVE-2014-2420,\nCVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428)\n\nUsers of Red Hat Network Satellite Server 5.4, 5.5, and 5.6 are advised to\nupgrade to these updated packages, which contain the IBM Java SE 6 SR16\nrelease. For this update to take effect, Red Hat Network Satellite Server\nmust be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all\nrunning instances of IBM Java.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2014:0982", "url": "https://access.redhat.com/errata/RHSA-2014:0982" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#low", "url": "https://access.redhat.com/security/updates/classification/#low" }, { "category": "external", "summary": "https://www.ibm.com/developerworks/java/jdk/alerts/", "url": "https://www.ibm.com/developerworks/java/jdk/alerts/" }, { "category": "external", "summary": "1031734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031734" }, { "category": "external", "summary": "1045561", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1045561" }, { "category": "external", "summary": "1051519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051519" }, { "category": "external", "summary": "1051528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051528" }, { "category": "external", "summary": "1051699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699" }, { "category": "external", "summary": "1051823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051823" }, { "category": "external", "summary": "1051911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051911" }, { "category": "external", "summary": "1051912", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051912" }, { "category": "external", "summary": "1051923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923" }, { "category": "external", "summary": "1052915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915" }, { "category": "external", "summary": "1052919", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052919" }, { "category": "external", "summary": "1052942", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052942" }, { "category": "external", "summary": "1053010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010" }, { "category": "external", "summary": "1053066", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066" }, { "category": "external", "summary": "1053266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053266" }, { "category": "external", "summary": "1053495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053495" }, { "category": "external", "summary": "1053496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053496" }, { "category": "external", "summary": "1053499", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053499" }, { "category": "external", "summary": "1053501", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053501" }, { "category": "external", "summary": "1053502", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053502" }, { "category": "external", "summary": "1053504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053504" }, { "category": "external", "summary": "1053507", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053507" }, { "category": "external", "summary": "1053508", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053508" }, { "category": "external", "summary": "1053515", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053515" }, { "category": "external", "summary": "1053516", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053516" }, { "category": "external", "summary": "1053517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053517" }, { "category": "external", "summary": "1053518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053518" }, { "category": "external", "summary": "1060907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060907" }, { "category": "external", "summary": "1086632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086632" }, { "category": "external", "summary": "1086645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086645" }, { "category": "external", "summary": "1087409", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087409" }, { "category": "external", "summary": "1087411", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087411" }, { "category": "external", "summary": "1087417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087417" }, { "category": "external", "summary": "1087426", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087426" }, { "category": "external", "summary": "1087427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087427" }, { "category": "external", "summary": "1087428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087428" }, { "category": "external", "summary": "1087430", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087430" }, { "category": "external", "summary": "1087431", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087431" }, { "category": "external", "summary": "1087434", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087434" }, { "category": "external", "summary": "1087436", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087436" }, { "category": "external", "summary": "1087439", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087439" }, { "category": "external", "summary": "1087441", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087441" }, { "category": "external", "summary": "1087442", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087442" }, { "category": "external", "summary": "1088025", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088025" }, { "category": "external", "summary": "1088027", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088027" }, { "category": "external", "summary": "1088028", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088028" }, { "category": "external", "summary": "1088030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088030" }, { "category": "external", "summary": "1088031", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088031" }, { "category": "external", "summary": "1097345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097345" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0982.json" } ], "title": "Red Hat Security Advisory: Red Hat Network Satellite server IBM Java Runtime security update", "tracking": { "current_release_date": "2024-11-05T18:32:20+00:00", "generator": { "date": "2024-11-05T18:32:20+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2014:0982", "initial_release_date": "2014-07-29T15:40:11+00:00", "revision_history": [ { "date": "2014-07-29T15:40:11+00:00", "number": "1", "summary": "Initial version" }, { "date": "2014-07-29T15:40:11+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T18:32:20+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 5.4 (RHEL v.5)", "product": { "name": "Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.4::el5" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.5 (RHEL v.5)", "product": { "name": "Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.5::el5" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.6 (RHEL v.5)", "product": { "name": "Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.6::el5" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.4 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.4::el6" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.5 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.5::el6" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.6 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.6::el6" } } } ], "category": "product_family", "name": "Red Hat Satellite" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.0-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.0-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.0-1jpp.1.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el6?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.0-1jpp.1.el6?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el6?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "product_id": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.0-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.0-1jpp.1.el5?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386 as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386 as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "relates_to_product_reference": "5Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "relates_to_product_reference": "6Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "relates_to_product_reference": "6Server-Satellite" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-5878", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051823" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: null xmlns handling issue (Security, 8025026)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5878" }, { "category": "external", "summary": "RHBZ#1051823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5878", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5878" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5878", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5878" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: null xmlns handling issue (Security, 8025026)" }, { "cve": "CVE-2013-5884", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051911" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an incorrect check for code permissions by CORBA stub factories.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5884" }, { "category": "external", "summary": "RHBZ#1051911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5884", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5884" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5884", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5884" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)" }, { "cve": "CVE-2013-5887", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053515" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5887" }, { "category": "external", "summary": "RHBZ#1053515", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053515" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5887", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5887" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5887", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5887" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2013-5888", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053517" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when running with GNOME, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5888" }, { "category": "external", "summary": "RHBZ#1053517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5888", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5888" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5888", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5888" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2013-5889", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053499" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5889" }, { "category": "external", "summary": "RHBZ#1053499", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053499" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5889", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5889" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5889", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5889" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2013-5896", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053266" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5896" }, { "category": "external", "summary": "RHBZ#1053266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053266" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5896", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5896" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5896", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5896" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" }, { "category": "workaround", "details": "Applications running with a security manager that make direct use of classes\nin these JDK internal packages, need to adjust their security policy to\ngrant access. See Java Security Policy Files documentation.", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)" }, { "cve": "CVE-2013-5898", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053518" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-0375 and CVE-2014-0403.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5898" }, { "category": "external", "summary": "RHBZ#1053518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053518" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5898", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5898" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5898", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5898" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2013-5899", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053516" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5899" }, { "category": "external", "summary": "RHBZ#1053516", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053516" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5899", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5899" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5899", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5899" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2013-5907", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052915" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5907" }, { "category": "external", "summary": "RHBZ#1052915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5907", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5907" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5907", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5907" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)" }, { "cve": "CVE-2013-5910", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052942" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5910" }, { "category": "external", "summary": "RHBZ#1052942", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052942" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5910", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5910" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5910", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5910" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)" }, { "cve": "CVE-2013-6629", "cwe": { "id": "CWE-456", "name": "Missing Initialization of a Variable" }, "discovery_date": "2013-11-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1031734" } ], "notes": [ { "category": "description", "text": "The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.", "title": "Vulnerability description" }, { "category": "summary", "text": "libjpeg: information leak (read of uninitialized memory)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-6629" }, { "category": "external", "summary": "RHBZ#1031734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031734" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-6629", "url": "https://www.cve.org/CVERecord?id=CVE-2013-6629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6629" } ], "release_date": "2013-11-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "libjpeg: information leak (read of uninitialized memory)" }, { "cve": "CVE-2013-6954", "discovery_date": "2013-12-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1045561" } ], "notes": [ { "category": "description", "text": "The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.", "title": "Vulnerability description" }, { "category": "summary", "text": "libpng: unhandled zero-length PLTE chunk or NULL palette", "title": "Vulnerability summary" }, { "category": "other", "text": "Not Vulnerable. This issue does not affect the version of libpng as shipped with Red Hat Enterprise Linux 5 and 6.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-6954" }, { "category": "external", "summary": "RHBZ#1045561", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1045561" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-6954", "url": "https://www.cve.org/CVERecord?id=CVE-2013-6954" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6954", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6954" } ], "release_date": "2013-12-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "libpng: unhandled zero-length PLTE chunk or NULL palette" }, { "cve": "CVE-2014-0368", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052919" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0368" }, { "category": "external", "summary": "RHBZ#1052919", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052919" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0368", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0368" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0368", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0368" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)" }, { "cve": "CVE-2014-0373", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051699" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0373" }, { "category": "external", "summary": "RHBZ#1051699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0373", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0373" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0373", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0373" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)" }, { "cve": "CVE-2014-0375", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053508" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0403.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0375" }, { "category": "external", "summary": "RHBZ#1053508", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053508" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0375", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0375" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0375", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0375" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0376", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051923" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for \"code permissions when creating document builder factories.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0376" }, { "category": "external", "summary": "RHBZ#1051923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0376", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0376" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0376", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0376" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)" }, { "cve": "CVE-2014-0387", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053502" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0387" }, { "category": "external", "summary": "RHBZ#1053502", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053502" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0387", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0387" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0387", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0387" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0403", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053507" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0375.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0403" }, { "category": "external", "summary": "RHBZ#1053507", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053507" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0403", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0403" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0403", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0403" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0410", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053495" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0410" }, { "category": "external", "summary": "RHBZ#1053495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053495" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0410", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0410" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0410", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0410" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0411", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053010" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0411" }, { "category": "external", "summary": "RHBZ#1053010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0411", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0411" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0411", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0411" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)" }, { "cve": "CVE-2014-0415", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053496" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0418, and CVE-2014-0424.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0415" }, { "category": "external", "summary": "RHBZ#1053496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053496" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0415", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0415" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0415", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0415" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0416", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051912" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insecure subject principals set handling (JAAS, 8024306)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0416" }, { "category": "external", "summary": "RHBZ#1051912", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051912" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0416", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0416" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0416", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0416" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insecure subject principals set handling (JAAS, 8024306)" }, { "cve": "CVE-2014-0417", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053501" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JavaFX 2.2.45; and Java SE Embedded 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0417" }, { "category": "external", "summary": "RHBZ#1053501", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053501" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0417", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0417" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0417", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0417" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (2D)" }, { "cve": "CVE-2014-0422", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051528" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0422" }, { "category": "external", "summary": "RHBZ#1051528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051528" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0422", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0422" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0422", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0422" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)" }, { "cve": "CVE-2014-0423", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053066" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: XXE issue in decoder (Beans, 8023245)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0423" }, { "category": "external", "summary": "RHBZ#1053066", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0423", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0423" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0423", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0423" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: XXE issue in decoder (Beans, 8023245)" }, { "cve": "CVE-2014-0424", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053504" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0418.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0424" }, { "category": "external", "summary": "RHBZ#1053504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053504" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0424", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0424" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0424", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0424" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0428", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051519" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to \"insufficient security checks in IIOP streams,\" which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0428" }, { "category": "external", "summary": "RHBZ#1051519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051519" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0428", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0428" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)" }, { "cve": "CVE-2014-0429", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087409" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Incorrect mlib/raster image validation (2D, 8027841)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0429" }, { "category": "external", "summary": "RHBZ#1087409", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087409" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0429", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0429" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0429", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0429" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Incorrect mlib/raster image validation (2D, 8027841)" }, { "cve": "CVE-2014-0446", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087439" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Protect logger handlers (Libraries, 8029740)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0446" }, { "category": "external", "summary": "RHBZ#1087439", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087439" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0446", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0446" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0446", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0446" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: Protect logger handlers (Libraries, 8029740)" }, { "cve": "CVE-2014-0449", "discovery_date": "2014-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1088028" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0449" }, { "category": "external", "summary": "RHBZ#1088028", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088028" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0449", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0449" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0449", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0449" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)" }, { "cve": "CVE-2014-0451", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087428" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-2412.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0451" }, { "category": "external", "summary": "RHBZ#1087428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087428" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0451", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0451" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0451", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0451" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)" }, { "cve": "CVE-2014-0452", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087436" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0452" }, { "category": "external", "summary": "RHBZ#1087436", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087436" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0452", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0452" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0452", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0452" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)" }, { "cve": "CVE-2014-0453", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1086645" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: RSA unpadding timing issues (Security, 8027766)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0453" }, { "category": "external", "summary": "RHBZ#1086645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086645" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0453", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0453" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0453", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0453" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: RSA unpadding timing issues (Security, 8027766)" }, { "cve": "CVE-2014-0457", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087411" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0457" }, { "category": "external", "summary": "RHBZ#1087411", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087411" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0457", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0457" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0457", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0457" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)" }, { "cve": "CVE-2014-0458", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087430" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0458" }, { "category": "external", "summary": "RHBZ#1087430", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087430" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0458", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0458" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0458", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0458" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)" }, { "cve": "CVE-2014-0460", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087442" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0460" }, { "category": "external", "summary": "RHBZ#1087442", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087442" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0460", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0460" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0460", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0460" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731)" }, { "cve": "CVE-2014-0461", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087426" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0461" }, { "category": "external", "summary": "RHBZ#1087426", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087426" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0461", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0461" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0461", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0461" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)" }, { "cve": "CVE-2014-0878", "discovery_date": "2014-05-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1097345" } ], "notes": [ { "category": "description", "text": "The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator\u0027s output.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: Vulnerability in the IBMSecureRandom implementation of the IBMJCE and IBMSecureRandom cryptographic providers", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0878" }, { "category": "external", "summary": "RHBZ#1097345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097345" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0878", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0878" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0878", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0878" } ], "release_date": "2014-05-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: Vulnerability in the IBMSecureRandom implementation of the IBMJCE and IBMSecureRandom cryptographic providers" }, { "cve": "CVE-2014-1876", "cwe": { "id": "CWE-377", "name": "Insecure Temporary File" }, "discovery_date": "2014-02-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1060907" } ], "notes": [ { "category": "description", "text": "The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-1876" }, { "category": "external", "summary": "RHBZ#1060907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-1876", "url": "https://www.cve.org/CVERecord?id=CVE-2014-1876" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1876", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1876" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-02-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)" }, { "acknowledgments": [ { "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2014-2398", "discovery_date": "2013-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1086632" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-2398" }, { "category": "external", "summary": "RHBZ#1086632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086632" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-2398", "url": "https://www.cve.org/CVERecord?id=CVE-2014-2398" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2398", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2398" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)" }, { "cve": "CVE-2014-2401", "discovery_date": "2014-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1088030" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 5.0u75, 6u75, 7u55 and 8u5 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-2401" }, { "category": "external", "summary": "RHBZ#1088030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088030" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-2401", "url": "https://www.cve.org/CVERecord?id=CVE-2014-2401" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2401", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2401" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 5.0u75, 6u75, 7u55 and 8u5 (2D)" }, { "cve": "CVE-2014-2409", "discovery_date": "2014-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1088027" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-2409" }, { "category": "external", "summary": "RHBZ#1088027", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088027" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-2409", "url": "https://www.cve.org/CVERecord?id=CVE-2014-2409" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2409", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2409" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)" }, { "cve": "CVE-2014-2412", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087427" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: AWT thread context handling (AWT, 8025010)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-2412" }, { "category": "external", "summary": "RHBZ#1087427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087427" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-2412", "url": "https://www.cve.org/CVERecord?id=CVE-2014-2412" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2412", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2412" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: AWT thread context handling (AWT, 8025010)" }, { "cve": "CVE-2014-2414", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087431" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-2414" }, { "category": "external", "summary": "RHBZ#1087431", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087431" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-2414", "url": "https://www.cve.org/CVERecord?id=CVE-2014-2414" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2414", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2414" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)" }, { "cve": "CVE-2014-2420", "discovery_date": "2014-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1088031" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-2420" }, { "category": "external", "summary": "RHBZ#1088031", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088031" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-2420", "url": "https://www.cve.org/CVERecord?id=CVE-2014-2420" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2420", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2420" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)" }, { "cve": "CVE-2014-2421", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087417" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JPEG decoder input stream handling (2D, 8029854)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-2421" }, { "category": "external", "summary": "RHBZ#1087417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087417" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-2421", "url": "https://www.cve.org/CVERecord?id=CVE-2014-2421" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2421", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2421" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: JPEG decoder input stream handling (2D, 8029854)" }, { "cve": "CVE-2014-2423", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087434" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-2423" }, { "category": "external", "summary": "RHBZ#1087434", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087434" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-2423", "url": "https://www.cve.org/CVERecord?id=CVE-2014-2423" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2423", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2423" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)" }, { "cve": "CVE-2014-2427", "discovery_date": "2014-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1087441" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-2427" }, { "category": "external", "summary": "RHBZ#1087441", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087441" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-2427", "url": "https://www.cve.org/CVERecord?id=CVE-2014-2427" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2427", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2427" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)" }, { "cve": "CVE-2014-2428", "discovery_date": "2014-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1088025" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-2428" }, { "category": "external", "summary": "RHBZ#1088025", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1088025" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-2428", "url": "https://www.cve.org/CVERecord?id=CVE-2014-2428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-2428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2428" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA" } ], "release_date": "2014-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-07-29T15:40:11+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0982" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment)" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.