RSS   Vulnerabilities for 'Enterprise linux supplementary'   RSS

2016-06-03
 
CVE-2016-0376

CWE-Other
 

 
The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456.

 
 
CVE-2016-0363

CWE-20
 

 
The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009.

 
2016-02-10
 
CVE-2016-0985

 

 
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."

 
2015-04-14
 
CVE-2015-3044

CWE-200
 

 
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.

 
 
CVE-2015-3043

CWE-noinfo
 

 
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2015, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3042.

 

 >>> Vendor: Redhat 299 Products
Linux
Enterprise linux
Enterprise linux desktop
Linux powertools
Tmpwatch
Stronghold
Redhat package manager
Docbook stylesheets
Docbook utils
Pre-execution environment
Interchange
Linux advanced workstation
Rhmask
LV
Tcpdump
Analog real-time synthesizer
Kdebase
Kdelibs
Kdelibs devel
Kdelibs sound
Kdelibs sound devel
Wu ftpd
Daredevil skk
Ddskk-xemacs
Up2date
Pam smb
Sendmail
Kernel
Rsync
Bigmem kernel
Kernel doc
Kernel source
Openssl
Sysstat
Gdk pixbuf
LHA
Fedora core
Libpng
Sysreport
Open iscsi
Cluster suite
Network satelite server
Fedora
Conga
Mcstrans
Certificate server
Cairo
Network satellite server
Cygwin
Directory server
Fedora directory server
Nfs utils
Desktop
Enterprise linux desktop workstation
Desktop workstation
Fedora 8
Certificate system
Vsftpd
Adminutil
Enterprise ipa
Freeipa
Jboss enterprise application platform
Initscripts
CMAN
dogtag certificate system
Cluster project
Gfs2-utils
Rgmanager
Dogtag certificate system
Enterprise mrg
Spacewalk-java
Enterprise virtualization
Qspice
KVM
Network satellite
Yum-rhn-plugin
Enterprise virtualization hypervisor
Enterprise virtualization manager
Jboss enterprise service bus
Jboss enterprise soa platform
Evince
Spice-xpi
Spice-activex
LUCI
Icedtea
Jboss enterprise web platform
Jboss remoting
Icedtea-web
Policycoreutils
Libvirt
Jboss seam 2 framework
Policykit
System-config-firewall
System-config-printer
Jboss operations network
Automatic bug reporting tool
SOS
Dtach
Jboss community application server
Mod cluster
See all Products for Vendor Redhat


Copyright 2019, cxsecurity.com

 

Back to Top