rhsa-2013_1793
Vulnerability from csaf_redhat
Published
2013-12-05 17:32
Modified
2024-11-25 11:56
Summary
Red Hat Security Advisory: Red Hat Network Satellite server IBM Java Runtime security update
Notes
Topic
Updated java-1.6.0-ibm packages that fix several security issues are now
available for Red Hat Network Satellite Server 5.4, 5.5 and 5.6.
The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
This update corrects several security vulnerabilities in the IBM Java
Runtime Environment shipped as part of Red Hat Network Satellite Server
5.4, 5.5 and 5.6. In a typical operating environment, these are of low
security risk as the runtime is not used on untrusted applets.
Several flaws were fixed in the IBM Java 2 Runtime Environment.
(CVE-2013-3829, CVE-2013-4041, CVE-2013-5372, CVE-2013-5375, CVE-2013-5457,
CVE-2013-5772, CVE-2013-5774, CVE-2013-5776, CVE-2013-5778, CVE-2013-5780,
CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5789,
CVE-2013-5797, CVE-2013-5801, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804,
CVE-2013-5809, CVE-2013-5812, CVE-2013-5814, CVE-2013-5817, CVE-2013-5818,
CVE-2013-5819, CVE-2013-5820, CVE-2013-5823, CVE-2013-5824, CVE-2013-5825,
CVE-2013-5829, CVE-2013-5830, CVE-2013-5831, CVE-2013-5832, CVE-2013-5840,
CVE-2013-5842, CVE-2013-5843, CVE-2013-5848, CVE-2013-5849, CVE-2013-5850,
CVE-2013-5851)
Users of Red Hat Network Satellite Server 5.4, 5.5 and 5.6 are advised to
upgrade to these updated packages, which contain the IBM Java SE 6 SR15
release. For this update to take effect, Red Hat Network Satellite Server
must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all
running instances of IBM Java.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.6.0-ibm packages that fix several security issues are now\navailable for Red Hat Network Satellite Server 5.4, 5.5 and 5.6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "This update corrects several security vulnerabilities in the IBM Java\nRuntime Environment shipped as part of Red Hat Network Satellite Server\n5.4, 5.5 and 5.6. In a typical operating environment, these are of low\nsecurity risk as the runtime is not used on untrusted applets.\n\nSeveral flaws were fixed in the IBM Java 2 Runtime Environment.\n(CVE-2013-3829, CVE-2013-4041, CVE-2013-5372, CVE-2013-5375, CVE-2013-5457,\nCVE-2013-5772, CVE-2013-5774, CVE-2013-5776, CVE-2013-5778, CVE-2013-5780,\nCVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5789,\nCVE-2013-5797, CVE-2013-5801, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804,\nCVE-2013-5809, CVE-2013-5812, CVE-2013-5814, CVE-2013-5817, CVE-2013-5818,\nCVE-2013-5819, CVE-2013-5820, CVE-2013-5823, CVE-2013-5824, CVE-2013-5825,\nCVE-2013-5829, CVE-2013-5830, CVE-2013-5831, CVE-2013-5832, CVE-2013-5840,\nCVE-2013-5842, CVE-2013-5843, CVE-2013-5848, CVE-2013-5849, CVE-2013-5850,\nCVE-2013-5851)\n\nUsers of Red Hat Network Satellite Server 5.4, 5.5 and 5.6 are advised to\nupgrade to these updated packages, which contain the IBM Java SE 6 SR15\nrelease. For this update to take effect, Red Hat Network Satellite Server\nmust be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all\nrunning instances of IBM Java.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:1793", "url": "https://access.redhat.com/errata/RHSA-2013:1793" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#low", "url": "https://access.redhat.com/security/updates/classification/#low" }, { "category": "external", "summary": "http://www.ibm.com/developerworks/java/jdk/alerts/", "url": "http://www.ibm.com/developerworks/java/jdk/alerts/" }, { "category": "external", "summary": "1018713", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018713" }, { "category": "external", "summary": "1018717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018717" }, { "category": "external", "summary": "1018720", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018720" }, { "category": "external", "summary": "1018727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018727" }, { "category": "external", "summary": "1018750", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018750" }, { "category": "external", "summary": "1018785", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018785" }, { "category": "external", "summary": "1018831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018831" }, { "category": "external", "summary": "1018972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018972" }, { "category": "external", "summary": "1018977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018977" }, { "category": "external", "summary": "1018984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018984" }, { "category": "external", "summary": "1019108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019108" }, { "category": "external", "summary": "1019110", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019110" }, { "category": "external", "summary": "1019113", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019113" }, { "category": "external", "summary": "1019115", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019115" }, { "category": "external", "summary": "1019117", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019117" }, { "category": "external", "summary": "1019118", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019118" }, { "category": "external", "summary": "1019123", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019123" }, { "category": "external", "summary": "1019127", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019127" }, { "category": "external", "summary": "1019130", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019130" }, { "category": "external", "summary": "1019131", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131" }, { "category": "external", "summary": "1019133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019133" }, { "category": "external", "summary": "1019137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019137" }, { "category": "external", "summary": "1019139", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019139" }, { "category": "external", "summary": "1019145", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019145" }, { "category": "external", "summary": "1019147", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019147" }, { "category": "external", "summary": "1019691", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019691" }, { "category": "external", "summary": "1019693", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019693" }, { "category": "external", "summary": "1019697", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019697" }, { "category": "external", "summary": "1019701", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019701" }, { "category": "external", "summary": "1019702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019702" }, { "category": "external", "summary": "1019706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019706" }, { "category": "external", "summary": "1019710", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019710" }, { "category": "external", "summary": "1019712", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019712" }, { "category": "external", "summary": "1019713", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019713" }, { "category": "external", "summary": "1019715", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019715" }, { "category": "external", "summary": "1019716", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019716" }, { "category": "external", "summary": "1019720", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019720" }, { "category": "external", "summary": "1027760", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027760" }, { "category": "external", "summary": "1027764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027764" }, { "category": "external", "summary": "1027768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027768" }, { "category": "external", "summary": "1027825", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027825" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1793.json" } ], "title": "Red Hat Security Advisory: Red Hat Network Satellite server IBM Java Runtime security update", "tracking": { "current_release_date": "2024-11-25T11:56:38+00:00", "generator": { "date": "2024-11-25T11:56:38+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2013:1793", "initial_release_date": "2013-12-05T17:32:00+00:00", "revision_history": [ { "date": "2013-12-05T17:32:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2013-12-05T17:38:10+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-25T11:56:38+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 5.4 (RHEL v.5)", "product": { "name": "Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.4::el5" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.5 (RHEL v.5)", "product": { "name": "Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.5::el5" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.6 (RHEL v.5)", "product": { "name": "Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.6::el5" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.4 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.4::el6" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.5 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.5::el6" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.6 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.6::el6" } } } ], "category": "product_family", "name": "Red Hat Satellite" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "product": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.15.0-1jpp.1.el5?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.15.0-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.15.0-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "product": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el5?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "product": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el6?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.15.0-1jpp.1.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el6?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.15.0-1jpp.1.el6?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386 as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386 as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.5)", "product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite54" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "relates_to_product_reference": "5Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.5)", "product_id": "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)", "product_id": "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "relates_to_product_reference": "6Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.6)", "product_id": "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite55" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "relates_to_product_reference": "6Server-Satellite" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "relates_to_product_reference": "6Server-Satellite" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.6)", "product_id": "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Satellite" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-3829", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019133" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-3829" }, { "category": "external", "summary": "RHBZ#1019133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019133" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-3829", "url": "https://www.cve.org/CVERecord?id=CVE-2013-3829" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-3829", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3829" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)" }, { "cve": "CVE-2013-4041", "discovery_date": "2013-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1027764" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to access restricted classes via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified sandbox bypass (JVM)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4041" }, { "category": "external", "summary": "RHBZ#1027764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027764" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4041", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4041" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4041", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4041" } ], "release_date": "2013-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified sandbox bypass (JVM)" }, { "cve": "CVE-2013-5372", "discovery_date": "2013-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1027825" } ], "notes": [ { "category": "description", "text": "The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML4J xml entity expansion excessive memory use (XML)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5372" }, { "category": "external", "summary": "RHBZ#1027825", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027825" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5372", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5372" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5372", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5372" } ], "release_date": "2013-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML4J xml entity expansion excessive memory use (XML)" }, { "cve": "CVE-2013-5375", "discovery_date": "2013-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1027768" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified sandbox bypass (XML)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5375" }, { "category": "external", "summary": "RHBZ#1027768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027768" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5375", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5375" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5375", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5375" } ], "release_date": "2013-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified sandbox bypass (XML)" }, { "cve": "CVE-2013-5457", "discovery_date": "2013-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1027760" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified sandbox bypass (ORB)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5457" }, { "category": "external", "summary": "RHBZ#1027760", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027760" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5457", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5457" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5457", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5457" } ], "release_date": "2013-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified sandbox bypass (ORB)" }, { "cve": "CVE-2013-5772", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1018717" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier allows remote attackers to affect integrity via unknown vectors related to jhat.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient html escaping in jhat (jhat, 8011081)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5772" }, { "category": "external", "summary": "RHBZ#1018717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018717" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5772", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5772" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5772", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5772" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: insufficient html escaping in jhat (jhat, 8011081)" }, { "cve": "CVE-2013-5774", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019147" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5774" }, { "category": "external", "summary": "RHBZ#1019147", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019147" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5774", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5774" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5774", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5774" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)" }, { "cve": "CVE-2013-5776", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019712" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5776" }, { "category": "external", "summary": "RHBZ#1019712", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019712" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5776", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5776" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5776", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5776" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)" }, { "cve": "CVE-2013-5778", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1018984" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: image conversion out of bounds read (2D, 8014102)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5778" }, { "category": "external", "summary": "RHBZ#1018984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5778", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5778" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5778", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5778" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: image conversion out of bounds read (2D, 8014102)" }, { "cve": "CVE-2013-5780", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1018785" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: key data leak via toString() methods (Libraries, 8011071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5780" }, { "category": "external", "summary": "RHBZ#1018785", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018785" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5780", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5780" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5780", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5780" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: key data leak via toString() methods (Libraries, 8011071)" }, { "cve": "CVE-2013-5782", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019108" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5782" }, { "category": "external", "summary": "RHBZ#1019108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019108" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5782", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5782" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5782", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5782" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093)" }, { "cve": "CVE-2013-5783", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019137" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5783" }, { "category": "external", "summary": "RHBZ#1019137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019137" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5783", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5783" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5783", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5783" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)" }, { "cve": "CVE-2013-5784", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1018727" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5784" }, { "category": "external", "summary": "RHBZ#1018727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018727" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5784", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5784" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5784", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5784" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)" }, { "cve": "CVE-2013-5787", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019693" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5789, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5787" }, { "category": "external", "summary": "RHBZ#1019693", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019693" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5787", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5787" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5787", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5787" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)" }, { "cve": "CVE-2013-5789", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019697" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5789" }, { "category": "external", "summary": "RHBZ#1019697", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019697" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5789", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5789" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5789", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5789" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)" }, { "cve": "CVE-2013-5797", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1018720" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5797" }, { "category": "external", "summary": "RHBZ#1018720", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018720" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5797", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5797" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5797", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5797" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)" }, { "cve": "CVE-2013-5801", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019710" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5801" }, { "category": "external", "summary": "RHBZ#1019710", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019710" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5801", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5801" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5801", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5801" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (2D)" }, { "cve": "CVE-2013-5802", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019130" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5802" }, { "category": "external", "summary": "RHBZ#1019130", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019130" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5802", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5802" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5802", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5802" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)" }, { "cve": "CVE-2013-5803", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1018713" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5803" }, { "category": "external", "summary": "RHBZ#1018713", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018713" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5803", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5803" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5803", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5803" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)" }, { "cve": "CVE-2013-5804", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019131" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5804" }, { "category": "external", "summary": "RHBZ#1019131", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5804", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5804" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5804", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5804" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)" }, { "cve": "CVE-2013-5809", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019113" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5829.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5809" }, { "category": "external", "summary": "RHBZ#1019113", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019113" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5809", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5809" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5809", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5809" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)" }, { "cve": "CVE-2013-5812", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019706" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5812" }, { "category": "external", "summary": "RHBZ#1019706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019706" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5812", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5812" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5812", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5812" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)" }, { "cve": "CVE-2013-5814", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019117" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5814" }, { "category": "external", "summary": "RHBZ#1019117", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019117" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5814", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5814" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)" }, { "cve": "CVE-2013-5817", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019118" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5817" }, { "category": "external", "summary": "RHBZ#1019118", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019118" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5817", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5817" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5817", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5817" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)" }, { "cve": "CVE-2013-5818", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019713" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5819 and CVE-2013-5831.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5818" }, { "category": "external", "summary": "RHBZ#1019713", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019713" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5818", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5818" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5818", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5818" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)" }, { "cve": "CVE-2013-5819", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019715" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5818 and CVE-2013-5831.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5819" }, { "category": "external", "summary": "RHBZ#1019715", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019715" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5819", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5819" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5819", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5819" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)" }, { "cve": "CVE-2013-5820", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1018972" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient security checks (JAXWS, 8017505)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5820" }, { "category": "external", "summary": "RHBZ#1018972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5820", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5820" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5820", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5820" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient security checks (JAXWS, 8017505)" }, { "cve": "CVE-2013-5823", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019145" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5823" }, { "category": "external", "summary": "RHBZ#1019145", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019145" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5823", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5823" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5823", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5823" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)" }, { "cve": "CVE-2013-5824", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019691" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5832, and CVE-2013-5852.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5824" }, { "category": "external", "summary": "RHBZ#1019691", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019691" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5824", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5824" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5824", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5824" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)" }, { "cve": "CVE-2013-5825", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019139" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: XML parsing Denial of Service (JAXP, 8014530)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5825" }, { "category": "external", "summary": "RHBZ#1019139", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019139" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5825", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5825" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5825", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5825" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: XML parsing Denial of Service (JAXP, 8014530)" }, { "cve": "CVE-2013-5829", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019115" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5809.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Java2d Disposer security bypass (2D, 8017287)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5829" }, { "category": "external", "summary": "RHBZ#1019115", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019115" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5829", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5829" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5829", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5829" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Java2d Disposer security bypass (2D, 8017287)" }, { "cve": "CVE-2013-5830", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019110" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: checkPackageAccess missing security check (Libraries, 8017291)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5830" }, { "category": "external", "summary": "RHBZ#1019110", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019110" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5830", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5830" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5830", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5830" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: checkPackageAccess missing security check (Libraries, 8017291)" }, { "cve": "CVE-2013-5831", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019716" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5818 and CVE-2013-5819.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5831" }, { "category": "external", "summary": "RHBZ#1019716", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019716" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5831", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5831" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5831", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5831" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)" }, { "cve": "CVE-2013-5832", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019702" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5824, and CVE-2013-5852.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5832" }, { "category": "external", "summary": "RHBZ#1019702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019702" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5832", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5832" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5832", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5832" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)" }, { "cve": "CVE-2013-5840", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1018831" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5840" }, { "category": "external", "summary": "RHBZ#1018831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018831" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5840", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5840" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5840", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5840" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)" }, { "cve": "CVE-2013-5842", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019123" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5850.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5842" }, { "category": "external", "summary": "RHBZ#1019123", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019123" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5842", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5842" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5842", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5842" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)" }, { "cve": "CVE-2013-5843", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019701" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5843" }, { "category": "external", "summary": "RHBZ#1019701", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019701" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5843", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5843" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5843", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5843" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (2D)" }, { "cve": "CVE-2013-5848", "discovery_date": "2013-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019720" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5848" }, { "category": "external", "summary": "RHBZ#1019720", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019720" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5848", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5848" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5848", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5848" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)" }, { "cve": "CVE-2013-5849", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1018750" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5849" }, { "category": "external", "summary": "RHBZ#1018750", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018750" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5849", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5849" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5849", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5849" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)" }, { "cve": "CVE-2013-5850", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1019127" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5842.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Missing CORBA security checks (Libraries, 8017196)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5850" }, { "category": "external", "summary": "RHBZ#1019127", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019127" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5850", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5850" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5850", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5850" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Missing CORBA security checks (Libraries, 8017196)" }, { "cve": "CVE-2013-5851", "discovery_date": "2013-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1018977" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: XML stream factory finder information leak (JAXP, 8013502)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5851" }, { "category": "external", "summary": "RHBZ#1018977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018977" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5851", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5851" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5851", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5851" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" } ], "release_date": "2013-10-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-05T17:32:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1793" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src", "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x", "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src", "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x", "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: XML stream factory finder information leak (JAXP, 8013502)" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.