what you don't know can hurt you
Showing 1 - 12 of 12 RSS Feed

CVE-2019-2698

Status Candidate

Overview

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

Related Files

Red Hat Security Advisory 2019-1238-01
Posted May 16, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1238-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35. Issues addressed include a buffer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2018-11212, CVE-2018-12547, CVE-2018-12549, CVE-2019-10245, CVE-2019-2422, CVE-2019-2449, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | d5028cbb41b3175a261cef09bfd409cc
Red Hat Security Advisory 2019-1165-01
Posted May 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1165-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP45. Issues addressed include an out of bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-10245, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | be0604545320990fe2f8bad984f739d7
Red Hat Security Advisory 2019-1163-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1163-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35. Issues addressed include an out-of-bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-10245, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | 98dca04cc657a5c583a29536822e99d0
Red Hat Security Advisory 2019-1166-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1166-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP45. Issues addressed include an out-of-bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-10245, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | e5b9cdccb42ed1143691e65fc18c58e7
Red Hat Security Advisory 2019-1164-01
Posted May 14, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1164-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35. Issues addressed include an out-of-bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-10245, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | 8fe0274eb472dc9f790249da621a96ef
Ubuntu Security Notice USN-3975-1
Posted May 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3975-1 - It was discovered that the BigDecimal implementation in OpenJDK performed excessive computation when given certain values. An attacker could use this to cause a denial of service. Corwin de Boor and Robert Xiao discovered that the RMI registry implementation in OpenJDK did not properly select the correct skeleton class in some situations. An attacker could use this to possibly escape Java sandbox restrictions. Various other issues were also addressed.

tags | advisory, java, denial of service, registry
systems | linux, ubuntu
advisories | CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698
MD5 | 521a7981d1b62cfdfcb3e98017ad5165
Red Hat Security Advisory 2019-1146-01
Posted May 13, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1146-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an out of bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2602, CVE-2019-2684, CVE-2019-2698
MD5 | 6224234161c9548fe9d6fc7257577597
Red Hat Security Advisory 2019-0790-01
Posted Apr 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0790-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An out-of-bounds access issue has been addressed.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2602, CVE-2019-2684, CVE-2019-2698
MD5 | 0536d1d48cfca4c8c1ab0c7dc442df2b
Red Hat Security Advisory 2019-0791-01
Posted Apr 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0791-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An out-of-bounds access issue has been addressed.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2602, CVE-2019-2684, CVE-2019-2698
MD5 | 6edf08d3172e3d4979fbe2e668ff79c8
Oracle Java Runtime Environment GlyphIterator::setCurrGlyphID Heap Corruption
Posted Apr 17, 2019
Authored by Google Security Research, mjurczyk

A heap corruption was observed in Oracle Java Runtime Environment version 8u202 (latest at the time of this writing) while fuzz-testing the processing of TrueType fonts.

tags | exploit, java
advisories | CVE-2019-2698
MD5 | 074ca17f20fc3585508db683bc708cad
Red Hat Security Advisory 2019-0775-01
Posted Apr 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0775-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an out of bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2602, CVE-2019-2684, CVE-2019-2698
MD5 | c4005622fc51802914292f4cf427eda1
Red Hat Security Advisory 2019-0774-01
Posted Apr 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-0774-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an out of bounds access vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-2602, CVE-2019-2684, CVE-2019-2698
MD5 | 2843c5bee1e7de4fd7dc11a65b3fbf20
Page 1 of 1
Back1Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    12 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    16 Files
  • 22
    May 22nd
    13 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close