Showing 1 - 16 of 16

CVE-2019-2999

Status Candidate

Overview

Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N).

Related Files

Red Hat Security Advisory 2020-0046-01: Posted Jan 7, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-0046-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-17631, CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999; SHA-256 | 7afc9a0d7aac85fc76e9e8bed71610847e2271baa85e26dc197531371f68b7f0; Download | Favorite | View

Red Hat Security Advisory 2020-0006-01: Posted Jan 2, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-0006-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-17631, CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999; SHA-256 | 382993010ac05d907c5a1d15310abff9dfd89a6736983922f2cbededcbc94954; Download | Favorite | View

Ubuntu Security Notice USN-4223-1: Posted Dec 18, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4223-1 - Jan Jancar, Petr Svenda, and Vladimir Sedlacek discovered that a side- channel vulnerability existed in the ECDSA implementation in OpenJDK. An Attacker could use this to expose sensitive information. It was discovered that the Socket implementation in OpenJDK did not properly restrict the creation of subclasses with a custom Socket implementation. An attacker could use this to specially create a Java class that could possibly bypass Java sandbox restrictions. Various other issues were also addressed.; tags | advisory, java; systems | linux, ubuntu; advisories | CVE-2019-2894, CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 3e331b7ac5ae58746f0340a4b804d07d2cca4361bab05931f9b147f931602d1c; Download | Favorite | View

Red Hat Security Advisory 2019-4115-01: Posted Dec 9, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-4115-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-17631, CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999; SHA-256 | 4b71d33f382e5e49154dc2716af7399bcee7a7701f8ea51cc94e0891474b32ec; Download | Favorite | View

Red Hat Security Advisory 2019-4113-01: Posted Dec 9, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-4113-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-17631, CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999; SHA-256 | d666e814e18905e238d69e35f214f6c18b5e35e57e865b5590848b0321d14169; Download | Favorite | View

Red Hat Security Advisory 2019-4109-01: Posted Dec 5, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-4109-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP55. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 968d959fde4c2a03c012fae36e23646bf2dfebf2fe41f0a770f14c22863f148f; Download | Favorite | View

Red Hat Security Advisory 2019-4110-01: Posted Dec 5, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-4110-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP55. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | c2163794ac91d134a60d9ad2a503a0c2c6e311293f7fe330faa334d9d3bd401a; Download | Favorite | View

Debian Security Advisory 4548-1: Posted Oct 21, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4548-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in cross-site scripting, denial of service, information disclosure or Kerberos user impersonation.; tags | advisory, java, denial of service, vulnerability, xss, info disclosure; systems | linux, debian; advisories | CVE-2019-2894, CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | b8bcde877f6272bcd32a05a018a9cdc9bc6dcdb15213d3642b3e1c40a0a17efb; Download | Favorite | View

Debian Security Advisory 4546-1: Posted Oct 21, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4546-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in cross-site scripting, denial of service, information disclosure or Kerberos user impersonation.; tags | advisory, java, denial of service, vulnerability, xss, info disclosure; systems | linux, debian; advisories | CVE-2019-2894, CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 352af449337abb2eb16df71059490cdac5644dd446be50a1aa162a6f50f5bb77; Download | Favorite | View

Red Hat Security Advisory 2019-3157-01: Posted Oct 21, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3157-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 580ca48ccbfadcc5ae46aa7626a2e1e35aa149c3a88c47c63b7636aaf7712e2b; Download | Favorite | View

Red Hat Security Advisory 2019-3158-01: Posted Oct 21, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3158-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 626e0c8ce1feb4d26f15b7e661d30b9fafd9f8a87bf7af2dbb288cb1b0b91e54; Download | Favorite | View

Red Hat Security Advisory 2019-3136-01: Posted Oct 17, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3136-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | fa137af05ab1eed2d55106b7ddfdd5d6f9f043f2af6fada5624bd6ea0acd33cd; Download | Favorite | View

Red Hat Security Advisory 2019-3135-01: Posted Oct 17, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3135-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 46e1c6f46d190bdbb44fd7fcb87b8ac2b92161a07119db2a326bd9ccc20ac4df; Download | Favorite | View

Red Hat Security Advisory 2019-3134-01: Posted Oct 17, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3134-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | c2a52cfd591d9a4a07d5da7bdc673a37b9ac484ad87a4225e8f9ee5c37ee212d; Download | Favorite | View

Red Hat Security Advisory 2019-3127-01: Posted Oct 16, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3127-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | e2152d3c4f5d1bb85e164ffc79615c747290fb11facd564d6446eed3375165a5; Download | Favorite | View

Red Hat Security Advisory 2019-3128-01: Posted Oct 16, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3128-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 8ce4ddf44adaffb5c974d67b15377c5008f824c164d9241e239a726eae1f5b41; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,011)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,194)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,437)
UNIX (9,390)
UnixWare (187)
Windows (6,649)
Other

CVE-2019-2999

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems