Summary: | <dev-java/oracle-{jdk,jre}-bin-1.7.0.45 - Multiple vulnerabilities. | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | java |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/55315/ | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 292001, 483018 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2013-10-16 11:00:31 UTC
Please stabilize =dev-java/oracle-{jdk,jre}-bin-1.7.0.45. Target keywords: amd64 x86 Please ignore the "Depends on" field for this stabilization. amd64 and x86 stable. Old removed. CVE-2013-5854 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854): Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality via unknown vectors. CVE-2013-5852 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2013-5851 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851): Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP. CVE-2013-5850 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. CVE-2013-5849 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT. CVE-2013-5848 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. CVE-2013-5846 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. CVE-2013-5844 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844): Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. CVE-2013-5843 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2013-5842 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. CVE-2013-5840 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. CVE-2013-5838 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838): Unspecified vulnerability in Oracle Java SE 7u25 and earlier, and Java SE Embedded 7u25 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. CVE-2013-5832 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2013-5831 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. CVE-2013-5830 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. CVE-2013-5829 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2013-5825 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP. CVE-2013-5824 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2013-5823 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security. CVE-2013-5820 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS. CVE-2013-5819 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. CVE-2013-5818 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. CVE-2013-5817 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. CVE-2013-5814 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. CVE-2013-5812 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment. CVE-2013-5810 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810): Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. CVE-2013-5809 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2013-5806 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806): Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. CVE-2013-5805 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805): Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. CVE-2013-5804 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc. CVE-2013-5803 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS. CVE-2013-5802 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. CVE-2013-5801 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. CVE-2013-5800 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800): Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JGSS. CVE-2013-5797 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc. CVE-2013-5790 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS. CVE-2013-5789 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2013-5788 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788): Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2013-5787 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2013-5784 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING. CVE-2013-5783 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing. CVE-2013-5782 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2013-5780 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780): Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. CVE-2013-5778 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778): Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. CVE-2013-5777 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777): Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. CVE-2013-5776 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776): Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. CVE-2013-5775 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775): Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. CVE-2013-5774 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774): Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. CVE-2013-5772 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772): Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier allows remote attackers to affect integrity via unknown vectors related to jhat. CVE-2013-3829 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829): Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. This issue was resolved and addressed in GLSA 201401-30 at http://security.gentoo.org/glsa/glsa-201401-30.xml by GLSA coordinator Sean Amoss (ackle). |