The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle JDK

Oracle Java: several vulnerabilities of April 2015
Several vulnerabilities of Oracle Java were announced in April 2015...
1610582, 1902260, 1903541, 1903704, 1958902, 1960194, 1964236, 1966551, 1967498, 1968485, 205086, 206954, 7045736, BSA-2015-009, CERTFR-2015-AVI-172, cpuapr2015, CVE-2015-0204, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0470, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0484, CVE-2015-0486, CVE-2015-0488, CVE-2015-0491, CVE-2015-0492, DSA-3234-1, DSA-3235-1, DSA-3316-1, ESA-2015-085, ESA-2015-134, FEDORA-2015-6357, FEDORA-2015-6369, FEDORA-2015-6397, FREAK, MDVSA-2015:212, openSUSE-SU-2015:0773-1, openSUSE-SU-2015:0774-1, RHSA-2015:0806-01, RHSA-2015:0807-01, RHSA-2015:0808-01, RHSA-2015:0809-01, RHSA-2015:0854-01, RHSA-2015:0857-01, RHSA-2015:0858-01, RHSA-2015:1006-01, RHSA-2015:1007-01, RHSA-2015:1020-01, RHSA-2015:1021-01, RHSA-2015:1091-01, SB10119, SUSE-SU-2015:0833-1, SUSE-SU-2015:1085-1, SUSE-SU-2015:1086-1, SUSE-SU-2015:1086-2, SUSE-SU-2015:1086-3, SUSE-SU-2015:1086-4, SUSE-SU-2015:1138-1, SUSE-SU-2015:1161-1, SUSE-SU-2015:2166-1, SUSE-SU-2015:2168-1, SUSE-SU-2015:2168-2, SUSE-SU-2015:2182-1, SUSE-SU-2015:2192-1, SUSE-SU-2015:2216-1, USN-2573-1, USN-2574-1, VIGILANCE-VUL-16607, VU#243585
OpenSSL, LibReSSL, Mono, JSSE: weakening TLS encryption via FREAK
An attacker, located as a Man-in-the-Middle, can force the Chrome, JSSE, LibReSSL, Mono or OpenSSL client to accept a weak export algorithm, in order to more easily capture or alter exchanged data...
122007, 1450666, 1610582, 1647054, 1698613, 1699051, 1699810, 1700225, 1700997, 1701485, 1902260, 1903541, 1963275, 1968485, 1973383, 55767, 7014463, 7022958, 9010028, ARUBA-PSA-2015-003, bulletinjan2015, c04556853, c04679334, c04773241, CERTFR-2015-AVI-108, CERTFR-2015-AVI-117, CERTFR-2015-AVI-146, CERTFR-2016-AVI-303, cisco-sa-20150310-ssl, cpuapr2017, cpujul2018, cpuoct2017, CTX216642, CVE-2015-0138, CVE-2015-0204, DSA-3125-1, FEDORA-2015-0512, FEDORA-2015-0601, FG-IR-15-007, FREAK, FreeBSD-SA-15:01.openssl, HPSBMU03345, HPSBUX03244, HPSBUX03334, JSA10679, MDVSA-2015:019, MDVSA-2015:062, MDVSA-2015:063, NetBSD-SA2015-006, NetBSD-SA2015-007, NTAP-20150205-0001, openSUSE-SU-2015:0130-1, openSUSE-SU-2016:0640-1, RHSA-2015:0066-01, RHSA-2015:0800-01, RHSA-2015:1020-01, RHSA-2015:1021-01, RHSA-2015:1091-01, SA40015, SA88, SA91, SB10108, SB10110, SOL16120, SOL16123, SOL16124, SOL16126, SOL16135, SOL16136, SOL16139, SP-CAAANXD, SPL-95203, SPL-95206, SSA:2015-009-01, SSRT101885, SSRT102000, SUSE-SU-2015:1073-1, SUSE-SU-2015:1085-1, SUSE-SU-2015:1086-1, SUSE-SU-2015:1086-2, SUSE-SU-2015:1086-3, SUSE-SU-2015:1086-4, SUSE-SU-2015:1138-1, SUSE-SU-2015:1161-1, T1022075, USN-2459-1, VIGILANCE-VUL-16301, VN-2015-003_FREAK, VU#243585
JSSE, CyaSSL, Mono, OpenSSL: clear text session via SKIP-TLS
An attacker, who has a TLS server, can force the JSSE, CyaSSL, Mono or OpenSSL client/server to use a clear text session, in order to allow a third party to capture or alter exchanged data...
1699051, 1700706, 1701485, 9010028, ARUBA-PSA-2015-003, bulletinjan2015, c04517481, c04556853, c04580241, c04583581, CERTFR-2015-AVI-108, CERTFR-2015-AVI-146, CERTFR-2016-AVI-303, cisco-sa-20150310-ssl, cpujan2015, cpuoct2017, CTX216642, CVE-2014-6593, CVE-2015-0205, DSA-3125-1, DSA-3144-1, DSA-3147-1, FEDORA-2015-0512, FEDORA-2015-0601, FEDORA-2015-0983, FEDORA-2015-1075, FEDORA-2015-1150, FEDORA-2015-8251, FEDORA-2015-8264, FreeBSD-SA-15:01.openssl, HPSBUX03219, HPSBUX03244, HPSBUX03273, HPSBUX03281, JSA10679, MDVSA-2015:019, MDVSA-2015:033, MDVSA-2015:062, NetBSD-SA2015-006, NTAP-20150205-0001, openSUSE-SU-2015:0130-1, openSUSE-SU-2015:0190-1, openSUSE-SU-2015:1277-1, RHSA-2015:0066-01, RHSA-2015:0067-01, RHSA-2015:0068-01, RHSA-2015:0069-01, RHSA-2015:0079-01, RHSA-2015:0080-01, RHSA-2015:0085-01, RHSA-2015:0086-01, RHSA-2015:0133-01, RHSA-2015:0134-01, RHSA-2015:0135-01, RHSA-2015:0136-01, RHSA-2015:0263-01, RHSA-2015:0264-01, SA40015, SA88, SB10104, SB10108, SKIP-TLS, SOL16120, SOL16123, SOL16124, SOL16126, SOL16135, SOL16136, SOL16139, SPL-95203, SSA:2015-009-01, SSRT101859, SSRT101885, SSRT101951, SSRT101968, SUSE-SU-2015:0336-1, SUSE-SU-2015:0503-1, USN-2459-1, USN-2486-1, USN-2487-1, VIGILANCE-VUL-16300, VMSA-2015-0003, VMSA-2015-0003.1, VMSA-2015-0003.10, VMSA-2015-0003.11, VMSA-2015-0003.12, VMSA-2015-0003.13, VMSA-2015-0003.14, VMSA-2015-0003.15, VMSA-2015-0003.2, VMSA-2015-0003.3, VMSA-2015-0003.4, VMSA-2015-0003.5, VMSA-2015-0003.6, VMSA-2015-0003.8, VMSA-2015-0003.9
Oracle Java: several vulnerabilities of January 2015
Several vulnerabilities of Oracle Java were announced in January 2015...
1698239, 1699051, 1700706, 1701485, 7045736, c04517481, c04580241, c04583581, CERTFR-2015-AVI-034, CERTFR-2016-AVI-303, cpujan2015, CTX216642, CVE-2014-3566, CVE-2014-6549, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0400, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412, CVE-2015-0413, CVE-2015-0421, CVE-2015-0437, DSA-3144-1, DSA-3147-1, FEDORA-2015-0983, FEDORA-2015-1075, FEDORA-2015-1150, FEDORA-2015-8251, FEDORA-2015-8264, HPSBUX03219, HPSBUX03273, HPSBUX03281, MDVSA-2015:033, MDVSA-2015:198, openSUSE-SU-2015:0190-1, RHSA-2015:0067-01, RHSA-2015:0068-01, RHSA-2015:0069-01, RHSA-2015:0079-01, RHSA-2015:0080-01, RHSA-2015:0085-01, RHSA-2015:0086-01, RHSA-2015:0133-01, RHSA-2015:0134-01, RHSA-2015:0135-01, RHSA-2015:0136-01, RHSA-2015:0263-01, RHSA-2015:0264-01, SB10104, SSRT101859, SSRT101951, SSRT101968, SUSE-SU-2015:0336-1, SUSE-SU-2015:0503-1, USN-2486-1, USN-2487-1, VIGILANCE-VUL-16014, VMSA-2015-0003, VMSA-2015-0003.1, VMSA-2015-0003.10, VMSA-2015-0003.11, VMSA-2015-0003.12, VMSA-2015-0003.13, VMSA-2015-0003.14, VMSA-2015-0003.15, VMSA-2015-0003.2, VMSA-2015-0003.3, VMSA-2015-0003.4, VMSA-2015-0003.5, VMSA-2015-0003.6, VMSA-2015-0003.8, VMSA-2015-0003.9
Oracle Java: several vulnerabilities of October 2014
Several vulnerabilities of Oracle Java were announced in October 2014...
1699051, 1700706, 7045736, 74387, c04517477, CERTFR-2014-AVI-429, cpuoct2014, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6466, CVE-2014-6468, CVE-2014-6476, CVE-2014-6485, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6504, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6513, CVE-2014-6515, CVE-2014-6517, CVE-2014-6519, CVE-2014-6527, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558, CVE-2014-6562, DSA-3077-1, DSA-3080-1, FEDORA-2014-13021, FEDORA-2014-13027, FEDORA-2014-13049, FEDORA-2014-13075, HPSBUX03218, MDVSA-2014:209, RHSA-2014:1620-01, RHSA-2014:1633-01, RHSA-2014:1634-01, RHSA-2014:1636-01, RHSA-2014:1657-01, RHSA-2014:1658-01, RHSA-2014:1876-01, RHSA-2014:1877-01, RHSA-2014:1880-01, RHSA-2014:1881-01, RHSA-2014:1882-01, SB10092, SSRT101770, SUSE-SU-2014:1422-1, SUSE-SU-2014:1526-1, SUSE-SU-2014:1526-2, SUSE-SU-2014:1549-1, USN-2386-1, USN-2388-1, USN-2388-2, VIGILANCE-VUL-15482, ZDI-14-382
Oracle Java: multiple vulnerabilities of July 2014
An attacker can use several vulnerabilities of Oracle Java...
1680418, 1686749, 1686824, 1689579, 7014224, c04398922, c04398943, CERTFR-2014-AVI-320, cpujul2014, CVE-2014-2483, CVE-2014-2490, CVE-2014-4208, CVE-2014-4209, CVE-2014-4216, CVE-2014-4218, CVE-2014-4219, CVE-2014-4220, CVE-2014-4221, CVE-2014-4223, CVE-2014-4227, CVE-2014-4244, CVE-2014-4247, CVE-2014-4252, CVE-2014-4262, CVE-2014-4263, CVE-2014-4264, CVE-2014-4265, CVE-2014-4266, CVE-2014-4268, DSA-2980-1, DSA-2987-1, DSA-2987-2, FEDORA-2014-8395, FEDORA-2014-8407, FEDORA-2014-8417, FEDORA-2014-8441, HPSBUX03091, HPSBUX03092, MDVSA-2014:141, openSUSE-SU-2014:1638-1, openSUSE-SU-2014:1645-1, RHSA-2014:0889-01, RHSA-2014:0890-01, RHSA-2014:0902-01, RHSA-2014:0907-01, RHSA-2014:0908-01, RHSA-2014:1033-01, RHSA-2014:1036-01, RHSA-2014:1041-01, RHSA-2014:1042-01, SB10083, SSRT101667, SSRT101668, SUSE-SU-2014:0961-1, USN-2312-1, USN-2319-1, USN-2319-2, USN-2319-3, VIGILANCE-VUL-15051, VMSA-2014-0008.2, VMSA-2014-0012, ZDI-14-258
Oracle Java: multiple vulnerabilities of April 2014
An attacker can use several vulnerabilities of Oracle Java...
1680562, 1681114, 7014224, BID-64493, c04398922, c04398943, CERTFR-2014-AVI-185, CERTFR-2014-AVI-382, CERTFR-2014-AVI-480, CERTFR-2015-AVI-431, CERTFR-2016-AVI-300, cpuapr2014, CVE-2013-6629, CVE-2013-6954, CVE-2014-0429, CVE-2014-0432, CVE-2014-0446, CVE-2014-0448, CVE-2014-0449, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-0463, CVE-2014-0464, CVE-2014-1876, CVE-2014-2397, CVE-2014-2398, CVE-2014-2401, CVE-2014-2402, CVE-2014-2403, CVE-2014-2409, CVE-2014-2410, CVE-2014-2412, CVE-2014-2413, CVE-2014-2414, CVE-2014-2420, CVE-2014-2421, CVE-2014-2422, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428, DSA-2912-1, DSA-2923-1, ESA-2014-044, FEDORA-2014-5277, FEDORA-2014-5280, FEDORA-2014-5290, FEDORA-2014-5336, HPSBUX03091, HPSBUX03092, JSA10659, JSA10698, MDVSA-2014:100, openSUSE-SU-2014:1638-1, openSUSE-SU-2014:1645-1, RHSA-2014:0406-01, RHSA-2014:0407-01, RHSA-2014:0408-01, RHSA-2014:0412-01, RHSA-2014:0413-02, RHSA-2014:0414-01, RHSA-2014:0486-01, RHSA-2014:0508-01, RHSA-2014:0509-01, RHSA-2014:0675-01, RHSA-2014:0685-01, RHSA-2014:0982-01, SB10072, SSRT101667, SSRT101668, SUSE-SU-2014:0639-1, SUSE-SU-2014:0728-1, SUSE-SU-2014:0728-2, SUSE-SU-2014:0728-3, SUSE-SU-2014:0733-1, SUSE-SU-2014:0733-2, USN-2187-1, USN-2191-1, VIGILANCE-VUL-14599, VMSA-2014-0008, VU#650142, ZDI-14-102, ZDI-14-103, ZDI-14-104, ZDI-14-105, ZDI-14-114
Oracle Java: multiple vulnerabilities of January 2014
An attacker can use several vulnerabilities of Oracle Java...
1663938, 1670264, 1671242, 1671245, 1674922, 1675938, 1679983, 4006386, 7014224, BID-64863, BID-64875, BID-64882, BID-64890, BID-64894, BID-64899, BID-64901, BID-64903, BID-64906, BID-64907, BID-64910, BID-64912, BID-64914, BID-64915, BID-64916, BID-64917, BID-64918, BID-64919, BID-64920, BID-64921, BID-64922, BID-64923, BID-64924, BID-64925, BID-64926, BID-64927, BID-64928, BID-64929, BID-64930, BID-64931, BID-64932, BID-64933, BID-64934, BID-64935, BID-64936, BID-64937, c04166777, c04166778, CERTA-2014-AVI-030, CERTFR-2014-AVI-199, CERTFR-2014-AVI-480, CERTFR-2016-AVI-300, cpujan2014, CVE-2013-5870, CVE-2013-5878, CVE-2013-5884, CVE-2013-5887, CVE-2013-5888, CVE-2013-5889, CVE-2013-5893, CVE-2013-5895, CVE-2013-5896, CVE-2013-5898, CVE-2013-5899, CVE-2013-5902, CVE-2013-5904, CVE-2013-5905, CVE-2013-5906, CVE-2013-5907, CVE-2013-5910, CVE-2014-0368, CVE-2014-0373, CVE-2014-0375, CVE-2014-0376, CVE-2014-0382, CVE-2014-0385, CVE-2014-0387, CVE-2014-0403, CVE-2014-0408, CVE-2014-0410, CVE-2014-0411, CVE-2014-0415, CVE-2014-0416, CVE-2014-0417, CVE-2014-0418, CVE-2014-0422, CVE-2014-0423, CVE-2014-0424, CVE-2014-0428, ESA-2014-002, FEDORA-2014-0885, FEDORA-2014-0945, FEDORA-2014-1048, FEDORA-2014-2071, FEDORA-2014-2088, HPSBUX02972, HPSBUX02973, JSA10659, MDVSA-2014:011, openSUSE-SU-2014:0174-1, openSUSE-SU-2014:0177-1, openSUSE-SU-2014:0180-1, RHSA-2014:0026-01, RHSA-2014:0027-01, RHSA-2014:0030-01, RHSA-2014:0097-01, RHSA-2014:0134-01, RHSA-2014:0135-01, RHSA-2014:0136-01, RHSA-2014:0982-01, SOL17381, SSRT101454, SSRT101455, SUSE-SU-2014:0246-1, SUSE-SU-2014:0266-1, SUSE-SU-2014:0266-2, SUSE-SU-2014:0266-3, SUSE-SU-2014:0451-1, USN-2124-1, USN-2124-2, VIGILANCE-VUL-14087, ZDI-14-013, ZDI-14-038
Oracle Java: multiple vulnerabilities of October 2013
An attacker can use several vulnerabilities of Oracle Java...
1663589, 1663930, 1664550, 1670264, 1671933, BID-63079, BID-63082, BID-63089, BID-63095, BID-63098, BID-63101, BID-63102, BID-63103, BID-63106, BID-63110, BID-63111, BID-63112, BID-63115, BID-63118, BID-63120, BID-63121, BID-63122, BID-63124, BID-63126, BID-63127, BID-63128, BID-63129, BID-63130, BID-63131, BID-63132, BID-63133, BID-63134, BID-63135, BID-63136, BID-63137, BID-63139, BID-63140, BID-63141, BID-63142, BID-63143, BID-63144, BID-63145, BID-63146, BID-63147, BID-63148, BID-63149, BID-63150, BID-63151, BID-63152, BID-63153, BID-63154, BID-63155, BID-63156, BID-63157, BID-63158, c04031205, c04031212, CERTA-2013-AVI-586, CERTFR-2014-AVI-117, CERTFR-2014-AVI-199, cpuoct2013, CVE-2013-3829, CVE-2013-4002, CVE-2013-5772, CVE-2013-5774, CVE-2013-5775, CVE-2013-5776, CVE-2013-5777, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5788, CVE-2013-5789, CVE-2013-5790, CVE-2013-5797, CVE-2013-5800, CVE-2013-5801, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5805, CVE-2013-5806, CVE-2013-5809, CVE-2013-5810, CVE-2013-5812, CVE-2013-5814, CVE-2013-5817, CVE-2013-5818, CVE-2013-5819, CVE-2013-5820, CVE-2013-5823, CVE-2013-5824, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830, CVE-2013-5831, CVE-2013-5832, CVE-2013-5838, CVE-2013-5840, CVE-2013-5842, CVE-2013-5843, CVE-2013-5844, CVE-2013-5846, CVE-2013-5848, CVE-2013-5849, CVE-2013-5850, CVE-2013-5851, CVE-2013-5852, CVE-2013-5854, FEDORA-2013-19285, FEDORA-2013-19338, HPSBUX02943, HPSBUX02944, MDVSA-2013:266, MDVSA-2013:267, openSUSE-SU-2013:1663-1, openSUSE-SU-2013:1968-1, RHSA-2013:1440-01, RHSA-2013:1447-01, RHSA-2013:1451-01, RHSA-2013:1505-01, RHSA-2013:1507-01, RHSA-2013:1508-01, RHSA-2013:1509-01, RHSA-2013:1793-01, RHSA-2014:1319-01, RHSA-2014:1818-01, RHSA-2014:1821-01, RHSA-2014:1822-01, RHSA-2014:1823-01, RHSA-2015:0269-01, RHSA-2015:0675-01, RHSA-2015:0773-01, SB10058, SE-2012-01, SOL16872, SOL48802597, SUSE-SU-2013:1666-1, SUSE-SU-2013:1669-1, SUSE-SU-2013:1677-2, SUSE-SU-2013:1677-3, VIGILANCE-VUL-13601, VMSA-2014-0002, ZDI-13-244, ZDI-13-245, ZDI-13-246, ZDI-13-247, ZDI-13-248
Javadoc: Frame injection via Relative URI
An attacker can use a relative URI, to inject an HTML page in web sites generated with Javadoc, in order to trigger a phishing attack on victims connecting on the web site...
1650599, BID-60634, c03868911, c03874547, CERTFR-2014-AVI-244, CVE-2013-1571, DSA-2722-1, DSA-2727-1, FEDORA-2013-11281, FEDORA-2013-11285, HPSBUX02907, HPSBUX02908, javacpujun2013, MDVSA-2013:183, MDVSA-2013:196, MDVSA-2014:042, openSUSE-SU-2013:1247-1, openSUSE-SU-2013:1288-1, RHSA-2013:0957-01, RHSA-2013:0958-01, RHSA-2013:0963-01, RHSA-2013:1014-01, RHSA-2013:1059-01, RHSA-2013:1060-01, RHSA-2013:1081-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SUSE-SU-2013:1238-1, SUSE-SU-2013:1254-1, SUSE-SU-2013:1255-1, SUSE-SU-2013:1255-2, SUSE-SU-2013:1255-3, SUSE-SU-2013:1256-1, SUSE-SU-2013:1257-1, SUSE-SU-2013:1263-1, SUSE-SU-2013:1263-2, SUSE-SU-2013:1305-1, VIGILANCE-VUL-13106, VU#225657
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle JDK: