Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
Astra Linux SE 1.5
Astra Linux SE 1.6
Astra Linux SE 1.7
Astra Linux SE 1.8
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:com.altx-soft.nix:def:3915
[Rus]
Version
3
Class
patch
ALTXid
49455
Language
English
Severity
NotAvailable
Title
ELSA-2010:0574: java-1.4.2-ibm security update
Description
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via a crafted JPEG image.
Family
unix
Platform
Oracle Linux 5
Product
java-1.4.2-ibm
Reference
VENDOR: ELSA-2010:0574-01
VENDOR: ELSA-2010:0574-01
Id:
ELSA-2010:0574-01
Reference:
http://linux.oracle.com/errata/ELSA-2010-0574.html
CVE: CVE-2010-0084
CVE: CVE-2010-0084
Id:
CVE-2010-0084
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084
Comment
: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091.
CVSSv2 Score:
5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N
References:
63482 (OSVDB)
RHSA-2010:0339 (REDHAT)
RHSA-2010:0338 (REDHAT)
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0337 (REDHAT)
39317 (SECUNIA)
39292 (SECUNIA)
USN-923-1 (UBUNTU)
MDVSA-2010:084 (MANDRIVA)
39659 (SECUNIA)
RHSA-2010:0383 (REDHAT)
SUSE-SR:2010:011 (SUSE)
ADV-2010-1107 (VUPEN)
39819 (SECUNIA)
ADV-2010-1191 (VUPEN)
http://support.apple.com/kb/HT4171 (CONFIRM)
APPLE-SA-2010-05-18-1 (APPLE)
APPLE-SA-2010-05-18-2 (APPLE)
http://support.apple.com/kb/HT4170 (CONFIRM)
RHSA-2010:0471 (REDHAT)
ADV-2010-1454 (VUPEN)
ADV-2010-1793 (VUPEN)
40545 (SECUNIA)
SSRT100179 (HP)
SUSE-SR:2010:017 (SUSE)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
43308 (SECUNIA)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:14061 (OVAL)
oval:org.mitre.oval:def:11120 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
CVE: CVE-2010-0085
CVE: CVE-2010-0085
Id:
CVE-2010-0085
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085
Comment
: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0088.
CVSSv2 Score:
5.1
Access vector:
NETWORK
Access complexity:
HIGH
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P
References:
RHSA-2010:0338 (REDHAT)
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0339 (REDHAT)
RHSA-2010:0337 (REDHAT)
39317 (SECUNIA)
39292 (SECUNIA)
USN-923-1 (UBUNTU)
MDVSA-2010:084 (MANDRIVA)
RHSA-2010:0383 (REDHAT)
39659 (SECUNIA)
SUSE-SR:2010:011 (SUSE)
ADV-2010-1107 (VUPEN)
APPLE-SA-2010-05-18-2 (APPLE)
http://support.apple.com/kb/HT4171 (CONFIRM)
39819 (SECUNIA)
ADV-2010-1191 (VUPEN)
APPLE-SA-2010-05-18-1 (APPLE)
http://support.apple.com/kb/HT4170 (CONFIRM)
RHSA-2010:0471 (REDHAT)
ADV-2010-1454 (VUPEN)
40545 (SECUNIA)
SSRT100179 (HP)
ADV-2010-1793 (VUPEN)
SUSE-SR:2010:017 (SUSE)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
43308 (SECUNIA)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:13803 (OVAL)
oval:org.mitre.oval:def:10474 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
CVE: CVE-2010-0087
CVE: CVE-2010-0087
Id:
CVE-2010-0087
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0087
Comment
: Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0338 (REDHAT)
RHSA-2010:0337 (REDHAT)
39317 (SECUNIA)
39659 (SECUNIA)
RHSA-2010:0383 (REDHAT)
APPLE-SA-2010-05-18-1 (APPLE)
APPLE-SA-2010-05-18-2 (APPLE)
ADV-2010-1191 (VUPEN)
http://support.apple.com/kb/HT4170 (CONFIRM)
39819 (SECUNIA)
http://support.apple.com/kb/HT4171 (CONFIRM)
RHSA-2010:0471 (REDHAT)
ADV-2010-1454 (VUPEN)
ADV-2010-1793 (VUPEN)
40545 (SECUNIA)
SSRT100179 (HP)
SUSE-SR:2010:017 (SUSE)
43308 (SECUNIA)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:13959 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
CVE: CVE-2010-0088
CVE: CVE-2010-0088
Id:
CVE-2010-0088
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088
Comment
: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0085.
CVSSv2 Score:
6.8
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
References:
RHSA-2010:0338 (REDHAT)
RHSA-2010:0339 (REDHAT)
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0337 (REDHAT)
39317 (SECUNIA)
USN-923-1 (UBUNTU)
39292 (SECUNIA)
MDVSA-2010:084 (MANDRIVA)
39659 (SECUNIA)
RHSA-2010:0383 (REDHAT)
ADV-2010-1107 (VUPEN)
SUSE-SR:2010:011 (SUSE)
39819 (SECUNIA)
http://support.apple.com/kb/HT4171 (CONFIRM)
http://support.apple.com/kb/HT4170 (CONFIRM)
APPLE-SA-2010-05-18-1 (APPLE)
APPLE-SA-2010-05-18-2 (APPLE)
ADV-2010-1191 (VUPEN)
RHSA-2010:0471 (REDHAT)
ADV-2010-1454 (VUPEN)
40545 (SECUNIA)
ADV-2010-1793 (VUPEN)
SSRT100179 (HP)
SUSE-SR:2010:017 (SUSE)
43308 (SECUNIA)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:14321 (OVAL)
oval:org.mitre.oval:def:11173 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
CVE: CVE-2010-0089
CVE: CVE-2010-0089
Id:
CVE-2010-0089
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0089
Comment
: Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors.
CVSSv2 Score:
5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
References:
RHSA-2010:0337 (REDHAT)
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0338 (REDHAT)
39317 (SECUNIA)
RHSA-2010:0383 (REDHAT)
39659 (SECUNIA)
39819 (SECUNIA)
ADV-2010-1191 (VUPEN)
APPLE-SA-2010-05-18-1 (APPLE)
http://support.apple.com/kb/HT4170 (CONFIRM)
http://support.apple.com/kb/HT4171 (CONFIRM)
APPLE-SA-2010-05-18-2 (APPLE)
ADV-2010-1454 (VUPEN)
RHSA-2010:0471 (REDHAT)
40545 (SECUNIA)
SSRT100179 (HP)
ADV-2010-1793 (VUPEN)
SUSE-SR:2010:017 (SUSE)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
43308 (SECUNIA)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:14208 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
CVE: CVE-2010-0091
CVE: CVE-2010-0091
Id:
CVE-2010-0091
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091
Comment
: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N
References:
63481 (OSVDB)
RHSA-2010:0338 (REDHAT)
RHSA-2010:0339 (REDHAT)
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0337 (REDHAT)
39292 (SECUNIA)
USN-923-1 (UBUNTU)
39317 (SECUNIA)
MDVSA-2010:084 (MANDRIVA)
39659 (SECUNIA)
RHSA-2010:0383 (REDHAT)
SUSE-SR:2010:011 (SUSE)
ADV-2010-1107 (VUPEN)
ADV-2010-1191 (VUPEN)
APPLE-SA-2010-05-18-1 (APPLE)
39819 (SECUNIA)
APPLE-SA-2010-05-18-2 (APPLE)
http://support.apple.com/kb/HT4170 (CONFIRM)
http://support.apple.com/kb/HT4171 (CONFIRM)
ADV-2010-1454 (VUPEN)
RHSA-2010:0471 (REDHAT)
SSRT100179 (HP)
40545 (SECUNIA)
ADV-2010-1793 (VUPEN)
SUSE-SR:2010:017 (SUSE)
43308 (SECUNIA)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:9855 (OVAL)
oval:org.mitre.oval:def:13492 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
CVE: CVE-2010-0095
CVE: CVE-2010-0095
Id:
CVE-2010-0095
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095
Comment
: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0093.
CVSSv2 Score:
6.8
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
References:
RHSA-2010:0337 (REDHAT)
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0339 (REDHAT)
RHSA-2010:0338 (REDHAT)
39292 (SECUNIA)
39317 (SECUNIA)
USN-923-1 (UBUNTU)
MDVSA-2010:084 (MANDRIVA)
39659 (SECUNIA)
RHSA-2010:0383 (REDHAT)
SUSE-SR:2010:011 (SUSE)
ADV-2010-1107 (VUPEN)
http://support.apple.com/kb/HT4171 (CONFIRM)
http://support.apple.com/kb/HT4170 (CONFIRM)
ADV-2010-1191 (VUPEN)
39819 (SECUNIA)
APPLE-SA-2010-05-18-1 (APPLE)
APPLE-SA-2010-05-18-2 (APPLE)
ADV-2010-1454 (VUPEN)
RHSA-2010:0471 (REDHAT)
40545 (SECUNIA)
ADV-2010-1793 (VUPEN)
SSRT100179 (HP)
SUSE-SR:2010:017 (SUSE)
43308 (SECUNIA)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:14105 (OVAL)
oval:org.mitre.oval:def:11621 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
CVE: CVE-2010-0839
CVE: CVE-2010-0839
Id:
CVE-2010-0839
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0839
Comment
: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
RHSA-2010:0338 (REDHAT)
RHSA-2010:0337 (REDHAT)
SUSE-SR:2010:008 (SUSE)
39317 (SECUNIA)
39659 (SECUNIA)
RHSA-2010:0383 (REDHAT)
RHSA-2010:0471 (REDHAT)
ADV-2010-1454 (VUPEN)
ADV-2010-1793 (VUPEN)
40545 (SECUNIA)
SSRT100179 (HP)
SUSE-SR:2010:017 (SUSE)
43308 (SECUNIA)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:13357 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
CVE: CVE-2010-0840
CVE: CVE-2010-0840
Id:
CVE-2010-0840
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840
Comment
: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability."
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
RHSA-2010:0337 (REDHAT)
RHSA-2010:0338 (REDHAT)
RHSA-2010:0339 (REDHAT)
SUSE-SR:2010:008 (SUSE)
39317 (SECUNIA)
http://www.zerodayinitiative.com/advisories/ZDI-10-056 (MISC)
USN-923-1 (UBUNTU)
39292 (SECUNIA)
MDVSA-2010:084 (MANDRIVA)
RHSA-2010:0383 (REDHAT)
39659 (SECUNIA)
ADV-2010-1107 (VUPEN)
SUSE-SR:2010:011 (SUSE)
http://support.apple.com/kb/HT4170 (CONFIRM)
APPLE-SA-2010-05-18-1 (APPLE)
APPLE-SA-2010-05-18-2 (APPLE)
http://support.apple.com/kb/HT4171 (CONFIRM)
39819 (SECUNIA)
ADV-2010-1191 (VUPEN)
39065 (BID)
RHSA-2010:0471 (REDHAT)
ADV-2010-1454 (VUPEN)
40211 (SECUNIA)
RHSA-2010:0489 (REDHAT)
ADV-2010-1523 (VUPEN)
40545 (SECUNIA)
ADV-2010-1793 (VUPEN)
SSRT100179 (HP)
SUSE-SR:2010:017 (SUSE)
43308 (SECUNIA)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:9974 (OVAL)
oval:org.mitre.oval:def:13971 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
20100405 ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability (BUGTRAQ)
CVE: CVE-2010-0841
CVE: CVE-2010-0841
Id:
CVE-2010-0841
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0841
Comment
: Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and "stepX".
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
RHSA-2010:0337 (REDHAT)
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0338 (REDHAT)
http://www.zerodayinitiative.com/advisories/ZDI-10-054/ (MISC)
39317 (SECUNIA)
39659 (SECUNIA)
RHSA-2010:0383 (REDHAT)
APPLE-SA-2010-05-18-2 (APPLE)
39067 (BID)
ADV-2010-1191 (VUPEN)
39819 (SECUNIA)
http://support.apple.com/kb/HT4171 (CONFIRM)
APPLE-SA-2010-05-18-1 (APPLE)
http://support.apple.com/kb/HT4170 (CONFIRM)
ADV-2010-1454 (VUPEN)
RHSA-2010:0471 (REDHAT)
40211 (SECUNIA)
RHSA-2010:0489 (REDHAT)
ADV-2010-1523 (VUPEN)
40545 (SECUNIA)
SSRT100179 (HP)
ADV-2010-1793 (VUPEN)
SUSE-SR:2010:017 (SUSE)
43308 (SECUNIA)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:14144 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
20100405 ZDI-10-054: Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability (BUGTRAQ)
CVE: CVE-2010-0842
CVE: CVE-2010-0842
Id:
CVE-2010-0842
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0842
Comment
: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0338 (REDHAT)
RHSA-2010:0337 (REDHAT)
39317 (SECUNIA)
http://www.zerodayinitiative.com/advisories/ZDI-10-060 (MISC)
RHSA-2010:0383 (REDHAT)
39659 (SECUNIA)
ADV-2010-1191 (VUPEN)
APPLE-SA-2010-05-18-1 (APPLE)
39819 (SECUNIA)
39077 (BID)
http://support.apple.com/kb/HT4171 (CONFIRM)
APPLE-SA-2010-05-18-2 (APPLE)
http://support.apple.com/kb/HT4170 (CONFIRM)
RHSA-2010:0471 (REDHAT)
ADV-2010-1454 (VUPEN)
RHSA-2010:0489 (REDHAT)
40211 (SECUNIA)
ADV-2010-1523 (VUPEN)
40545 (SECUNIA)
ADV-2010-1793 (VUPEN)
SSRT100179 (HP)
SUSE-SR:2010:017 (SUSE)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
43308 (SECUNIA)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:14101 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
20100405 ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability (BUGTRAQ)
CVE: CVE-2010-0843
CVE: CVE-2010-0843
Id:
CVE-2010-0843
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0843
Comment
: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
20100405 ZDI-10-052: Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability (BUGTRAQ)
63492 (OSVDB)
http://www.zerodayinitiative.com/advisories/ZDI-10-052/ (MISC)
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0338 (REDHAT)
RHSA-2010:0337 (REDHAT)
39317 (SECUNIA)
39659 (SECUNIA)
RHSA-2010:0383 (REDHAT)
39083 (BID)
APPLE-SA-2010-05-18-2 (APPLE)
APPLE-SA-2010-05-18-1 (APPLE)
http://support.apple.com/kb/HT4170 (CONFIRM)
ADV-2010-1191 (VUPEN)
39819 (SECUNIA)
http://support.apple.com/kb/HT4171 (CONFIRM)
ADV-2010-1454 (VUPEN)
RHSA-2010:0471 (REDHAT)
RHSA-2010:0489 (REDHAT)
40211 (SECUNIA)
ADV-2010-1523 (VUPEN)
SSRT100179 (HP)
40545 (SECUNIA)
ADV-2010-1793 (VUPEN)
SUSE-SR:2010:017 (SUSE)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
43308 (SECUNIA)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:14092 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
CVE: CVE-2010-0844
CVE: CVE-2010-0844
Id:
CVE-2010-0844
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0844
Comment
: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is for improper parsing of a crafted MIDI stream when creating a MixerSequencer object, which causes a pointer to be corrupted and allows a NULL byte to be written to arbitrary memory.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0338 (REDHAT)
RHSA-2010:0337 (REDHAT)
39317 (SECUNIA)
http://www.zerodayinitiative.com/advisories/ZDI-10-053 (MISC)
39659 (SECUNIA)
RHSA-2010:0383 (REDHAT)
http://support.apple.com/kb/HT4171 (CONFIRM)
APPLE-SA-2010-05-18-1 (APPLE)
39819 (SECUNIA)
APPLE-SA-2010-05-18-2 (APPLE)
http://support.apple.com/kb/HT4170 (CONFIRM)
ADV-2010-1191 (VUPEN)
ADV-2010-1454 (VUPEN)
RHSA-2010:0471 (REDHAT)
RHSA-2010:0489 (REDHAT)
40211 (SECUNIA)
ADV-2010-1523 (VUPEN)
ADV-2010-1793 (VUPEN)
40545 (SECUNIA)
SSRT100179 (HP)
SUSE-SR:2010:017 (SUSE)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
43308 (SECUNIA)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:14282 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
20100405 ZDI-10-053: Sun Java Runtime Environment MIDI File metaEvent Remote Code Execution Vulnerability (BUGTRAQ)
CVE: CVE-2010-0846
CVE: CVE-2010-0846
Id:
CVE-2010-0846
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0846
Comment
: Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an "invalid assignment" and inconsistent length values in a JPEG image encoder (JPEGImageEncoderImpl).
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
RHSA-2010:0338 (REDHAT)
RHSA-2010:0337 (REDHAT)
SUSE-SR:2010:008 (SUSE)
39317 (SECUNIA)
http://www.zerodayinitiative.com/advisories/ZDI-10-059 (MISC)
39659 (SECUNIA)
RHSA-2010:0383 (REDHAT)
39819 (SECUNIA)
APPLE-SA-2010-05-18-2 (APPLE)
http://support.apple.com/kb/HT4170 (CONFIRM)
ADV-2010-1191 (VUPEN)
APPLE-SA-2010-05-18-1 (APPLE)
http://support.apple.com/kb/HT4171 (CONFIRM)
39062 (BID)
RHSA-2010:0471 (REDHAT)
ADV-2010-1454 (VUPEN)
RHSA-2010:0489 (REDHAT)
40211 (SECUNIA)
ADV-2010-1523 (VUPEN)
ADV-2010-1793 (VUPEN)
SSRT100179 (HP)
40545 (SECUNIA)
SUSE-SR:2010:017 (SUSE)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
43308 (SECUNIA)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:14503 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
20100405 ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability (BUGTRAQ)
CVE: CVE-2010-0847
CVE: CVE-2010-0847
Id:
CVE-2010-0847
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847
Comment
: Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
RHSA-2010:0337 (REDHAT)
RHSA-2010:0338 (REDHAT)
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0339 (REDHAT)
USN-923-1 (UBUNTU)
39292 (SECUNIA)
39317 (SECUNIA)
MDVSA-2010:084 (MANDRIVA)
SUSE-SR:2010:011 (SUSE)
ADV-2010-1107 (VUPEN)
APPLE-SA-2010-05-18-2 (APPLE)
ADV-2010-1191 (VUPEN)
http://support.apple.com/kb/HT4171 (CONFIRM)
http://support.apple.com/kb/HT4170 (CONFIRM)
39819 (SECUNIA)
39071 (BID)
APPLE-SA-2010-05-18-1 (APPLE)
20100330 Oracle Java Runtime Environment Image FIle Buffer Overflow Vulnerability (IDEFENSE)
40211 (SECUNIA)
RHSA-2010:0489 (REDHAT)
ADV-2010-1523 (VUPEN)
ADV-2010-1793 (VUPEN)
SSRT100179 (HP)
40545 (SECUNIA)
SUSE-SR:2010:017 (SUSE)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
43308 (SECUNIA)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:14453 (OVAL)
oval:org.mitre.oval:def:10392 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
CVE: CVE-2010-0848
CVE: CVE-2010-0848
Id:
CVE-2010-0848
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848
Comment
: Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
39078 (BID)
RHSA-2010:0339 (REDHAT)
RHSA-2010:0337 (REDHAT)
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0338 (REDHAT)
USN-923-1 (UBUNTU)
39317 (SECUNIA)
39292 (SECUNIA)
MDVSA-2010:084 (MANDRIVA)
RHSA-2010:0383 (REDHAT)
39659 (SECUNIA)
ADV-2010-1107 (VUPEN)
SUSE-SR:2010:011 (SUSE)
ADV-2010-1191 (VUPEN)
39819 (SECUNIA)
APPLE-SA-2010-05-18-2 (APPLE)
http://support.apple.com/kb/HT4170 (CONFIRM)
APPLE-SA-2010-05-18-1 (APPLE)
http://support.apple.com/kb/HT4171 (CONFIRM)
ADV-2010-1454 (VUPEN)
RHSA-2010:0471 (REDHAT)
40211 (SECUNIA)
RHSA-2010:0489 (REDHAT)
ADV-2010-1523 (VUPEN)
ADV-2010-1793 (VUPEN)
40545 (SECUNIA)
SSRT100179 (HP)
SUSE-SR:2010:017 (SUSE)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
43308 (SECUNIA)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:9899 (OVAL)
oval:org.mitre.oval:def:14350 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
CVE: CVE-2010-0849
CVE: CVE-2010-0849
Id:
CVE-2010-0849
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0849
Comment
: Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via a crafted JPEG image.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
http://www.zerodayinitiative.com/advisories/ZDI-10-057/ (MISC)
39073 (BID)
SUSE-SR:2010:008 (SUSE)
RHSA-2010:0337 (REDHAT)
RHSA-2010:0338 (REDHAT)
39317 (SECUNIA)
39659 (SECUNIA)
RHSA-2010:0383 (REDHAT)
ADV-2010-1191 (VUPEN)
http://support.apple.com/kb/HT4170 (CONFIRM)
APPLE-SA-2010-05-18-1 (APPLE)
39819 (SECUNIA)
APPLE-SA-2010-05-18-2 (APPLE)
http://support.apple.com/kb/HT4171 (CONFIRM)
RHSA-2010:0471 (REDHAT)
ADV-2010-1454 (VUPEN)
RHSA-2010:0489 (REDHAT)
40211 (SECUNIA)
ADV-2010-1523 (VUPEN)
ADV-2010-1793 (VUPEN)
40545 (SECUNIA)
SSRT100179 (HP)
SUSE-SR:2010:017 (SUSE)
43308 (SECUNIA)
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html (CONFIRM)
http://www.vmware.com/security/advisories/VMSA-2011-0003.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html (CONFIRM)
http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html (CONFIRM)
HPSBMU02799 (HP)
SSRT100089 (HP)
oval:org.mitre.oval:def:13795 (OVAL)
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (BUGTRAQ)
20100405 ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability (BUGTRAQ)
Content available only for registered users!
ovaldb@altx-soft.com