what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

CVE-2015-0478

Status Candidate

Overview

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.

Related Files

Gentoo Linux Security Advisory 201603-11
Posted Mar 14, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201603-11 - Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites allowing remote attackers to remotely execute arbitrary code, obtain information, and cause Denial of Service. Versions less than 1.8.0.72 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-0437, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0470, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0484, CVE-2015-0486, CVE-2015-0488, CVE-2015-0491, CVE-2015-0492, CVE-2015-2590, CVE-2015-2601, CVE-2015-2613, CVE-2015-2619, CVE-2015-2621, CVE-2015-2625, CVE-2015-2627, CVE-2015-2628, CVE-2015-2632, CVE-2015-2637, CVE-2015-2638, CVE-2015-2659, CVE-2015-2664, CVE-2015-4000
SHA-256 | a573a776d189960b19aa0b3e4206d544fb1f18907e840bb093538b2819f3c80b
Debian Security Advisory 3316-1
Posted Jul 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3316-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2014-8873, CVE-2015-0460, CVE-2015-0469, CVE-2015-0470, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-2590, CVE-2015-2601, CVE-2015-2613, CVE-2015-2621, CVE-2015-2625, CVE-2015-2628, CVE-2015-2632, CVE-2015-2808, CVE-2015-4000, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
SHA-256 | 77f6084f42e84ac99b7ceff809ccb976e89d5a9bf14710928cf2e5b55b224527
Red Hat Security Advisory 2015-1091-01
Posted Jun 11, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1091-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Satellite 5. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0458, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808
SHA-256 | 1f1c757b8532c2f6bdc5d7166473142c3d7d84cdac3f133218257a51f3cfdf32
Red Hat Security Advisory 2015-1020-01
Posted May 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1020-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0458, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808
SHA-256 | b7d2def09d6a78b4b5773552927e06c22239193f9ed1990fc14f946a4e0ffbeb
Red Hat Security Advisory 2015-1021-01
Posted May 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1021-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808
SHA-256 | 10ca220cdd88181ecb769acfd07f597ebc5e8fec1ad61aa1d821d8957b3807aa
Red Hat Security Advisory 2015-1006-01
Posted May 13, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1006-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0458, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808
SHA-256 | 6ebf24c3f0db42257759c31fdfcb6d80a98014c1b1d6c137166193e633de9a26
Red Hat Security Advisory 2015-1007-01
Posted May 13, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1007-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0458, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808
SHA-256 | b772b137fb0bdda2ffb0720f11c349a1cbf1d4e0c3104168e2cbee848d92718b
Mandriva Linux Security Advisory 2015-212
Posted Apr 28, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-212 - An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures.

tags | advisory, java, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2005-1080, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
SHA-256 | 5d632c802729d6afa088371dd777ff906d4a5f0bfbcccd4d11559d46754410c2
Debian Security Advisory 3235-1
Posted Apr 25, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3235-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2015-0460, CVE-2015-0469, CVE-2015-0470, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
SHA-256 | 7f63fd15e24f32bf99334d534a5089daac7730ea3359f45be9d8eabcf4eba4e8
Debian Security Advisory 3234-1
Posted Apr 24, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3234-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2015-0460, CVE-2015-0469, CVE-2015-0470, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
SHA-256 | def56cbcb5f101f29f12a80e59378f7d3c5ab84852759f935899affe26802977
Ubuntu Security Notice USN-2573-1
Posted Apr 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2573-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect to handling jar files. An attacker could use this to expose sensitive data. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
SHA-256 | 096e77766a83ea828d4b314e6b7b24c9ce7b6edc5965bc693fcea4a155666ee0
Ubuntu Security Notice USN-2574-1
Posted Apr 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2574-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect to handling jar files. An attacker could use this to expose sensitive data. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
SHA-256 | 0683424e8df590c4b914011d9c5b55a874444f3daa07b619898decc714cd7093
Red Hat Security Advisory 2015-0858-01
Posted Apr 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0858-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491
SHA-256 | 13f8409446168f20911b57e29034f0647d8480c24148b198b89e63ffd80a697a
Red Hat Security Advisory 2015-0857-01
Posted Apr 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0857-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0484, CVE-2015-0488, CVE-2015-0491, CVE-2015-0492
SHA-256 | c54689f6ad7f395023088b0e36606b64d46cbcc83638c2801b0f61ddd5f0c4f5
Red Hat Security Advisory 2015-0854-01
Posted Apr 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0854-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0470, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0484, CVE-2015-0486, CVE-2015-0488, CVE-2015-0491, CVE-2015-0492
SHA-256 | 63fb2eee82ffd6233a18a0a0dd56ff5da078eb57b76a6fbf6d67f5269c0b212c
Red Hat Security Advisory 2015-0808-01
Posted Apr 16, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0808-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions.

tags | advisory, java, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
SHA-256 | 3a0ef66142ddc689cba44201a56eaa2c9e8347b91997bee60a9a71c63fa527f3
Red Hat Security Advisory 2015-0809-01
Posted Apr 16, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0809-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions.

tags | advisory, java, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0460, CVE-2015-0469, CVE-2015-0470, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
SHA-256 | 4b311f2046eff7dae79683115dba1e897b0cf1cbe235a54fdd949b6b19abbb0f
Red Hat Security Advisory 2015-0807-01
Posted Apr 16, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0807-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions.

tags | advisory, java, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
SHA-256 | 039106c41849667381adfd1c4098bfaa8e16795be6379a83d48bb1db44757ff1
Red Hat Security Advisory 2015-0806-01
Posted Apr 16, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0806-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions.

tags | advisory, java, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
SHA-256 | 0b4f8377127fadf61fa672c3d60031b3007cd49e491ac2c847d9a8eef1d58624
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close