CVE-2013-1487

Related Files

Mandriva Linux Security Advisory 2013-014

Posted Feb 25, 2013

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-014 - Multiple security issues were identified and fixed in OpenJDK. MBeanServer access restrictions were added, improved TLS handling of invalid messages, and more.

tags | advisory

systems | linux, mandriva

advisories | CVE-2013-0169, CVE-2013-1486, CVE-2013-1487

SHA-256 | 8ac40eb4b2ce07209ddf331559853b548ca985e61c74804dcf0ddfa8c2e80994

Download | Favorite | View

Ubuntu Security Notice USN-1735-1

Posted Feb 22, 2013

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1735-1 - Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in OpenSSL was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 12.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, protocol, info disclosure

systems | linux, ubuntu

advisories | CVE-2013-0169, CVE-2013-1484, CVE-2013-1485, CVE-2013-0169, CVE-2013-1484, CVE-2013-1485, CVE-2013-1486, CVE-2013-1487

SHA-256 | 2261cb93a882de20b7e4c81f5368c093e6bdc017b92efb2dc8c82925d609cdd8

Download | Favorite | View

Red Hat Security Advisory 2013-0532-01

Posted Feb 21, 2013

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0532-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 15 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.

tags | advisory, java, vulnerability

systems | linux, redhat

advisories | CVE-2013-0169, CVE-2013-1484, CVE-2013-1485, CVE-2013-1486, CVE-2013-1487

SHA-256 | 715f873e25410bc468e412c2a033bb64beb683efec1499c2641f64dcbd2dd75b

Download | Favorite | View

Red Hat Security Advisory 2013-0531-01

Posted Feb 21, 2013

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0531-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes three vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 41. All running instances of Oracle Java must be restarted for the update to take effect.

tags | advisory, java, vulnerability

systems | linux, redhat

advisories | CVE-2013-0169, CVE-2013-1486, CVE-2013-1487

SHA-256 | 02aadfa81bfc8c12143738a124655e974f4700f9e9aebca7ab5638be2cd5ef43

Download | Favorite | View