[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Fri Aug 1 05:20:21 PDT 2014
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 387 Published: Thu, 31 Jul 2014 19:22:55 GMT
New Fixlets:
============
***************************************************************
Title: Apache Subversion vulnerability 1.8.0 through 1.8.2 in VisualSVN Server
Severity: Low
Fixlet ID: 2334001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval23340.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4262
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity (CVE-2014-4208)
Severity: Low
Fixlet ID: 2472901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24729.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4208
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4220.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4262)
Severity: High
Fixlet ID: 2480601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24806.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4262
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality (CVE-2014-4268)
Severity: Medium
Fixlet ID: 2482701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24827.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4268
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity (CVE-2014-4218)
Severity: Medium
Fixlet ID: 2482801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24828.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4218
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (CVE-2014-4223)
Severity: High
Fixlet ID: 2487301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24873.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4223
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-2483.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (CVE-2014-2483)
Severity: High
Fixlet ID: 2498501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval24985.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2483
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations."
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity (CVE-2014-4263)
Severity: Medium
Fixlet ID: 2506601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25066.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4263
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4219)
Severity: High
Fixlet ID: 2509201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25092.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4219
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity (CVE-2014-4220)
Severity: Medium
Fixlet ID: 2510401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25104.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4220
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4208.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity (CVE-2014-4209)
Severity: Medium
Fixlet ID: 2513601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25136.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4209
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4247)
Severity: High
Fixlet ID: 2514901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25149.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4247
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability
Severity: High
Fixlet ID: 2515401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25154.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2490
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4216)
Severity: High
Fixlet ID: 2516001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25160.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4216
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity (CVE-2014-4266)
Severity: Medium
Fixlet ID: 2520201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25202.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4266
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect integrity (CVE-2014-4265)
Severity: Medium
Fixlet ID: 2520301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25203.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4265
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect availability (CVE-2014-4264)
Severity: Medium
Fixlet ID: 2521601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25216.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4264
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect availability via unknown vectors related to Security.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity (CVE-2014-4244)
Severity: Medium
Fixlet ID: 2522401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25224.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4244
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4227)
Severity: High
Fixlet ID: 2525001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25250.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4227
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality (CVE-2014-4252)
Severity: Medium
Fixlet ID: 2527301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25273.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4252
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Security.
***************************************************************
Title: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality (CVE-2014-4221)
Severity: Medium
Fixlet ID: 2528101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval25281.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4221
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
More information about the WinVulns-Announcements
mailing list