rpm package
suse/java-1_6_0-ibm&distro=SUSE Linux Enterprise Software Development Kit 11 SP3
pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3
Vulnerabilities (46)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-0477 | — | < 1.6.0_sr16.15-46.1 | 1.6.0_sr16.15-46.1 | Apr 16, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans. | ||
| CVE-2015-0469 | — | < 1.6.0_sr16.15-46.1 | 1.6.0_sr16.15-46.1 | Apr 16, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
| CVE-2015-0459 | — | < 1.6.0_sr16.15-46.1 | 1.6.0_sr16.15-46.1 | Apr 16, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491. | ||
| CVE-2015-0458 | — | < 1.6.0_sr16.15-46.1 | 1.6.0_sr16.15-46.1 | Apr 16, 2015 | Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
| CVE-2015-2808 | — | < 1.6.0_sr16.7-10.1 | 1.6.0_sr16.7-10.1 | Apr 1, 2015 | The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing | ||
| CVE-2015-0204 | — | < 1.6.0_sr16.15-46.1 | 1.6.0_sr16.15-46.1 | Jan 9, 2015 | The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncomp |
- CVE-2015-0477Apr 16, 2015affected < 1.6.0_sr16.15-46.1fixed 1.6.0_sr16.15-46.1
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans.
- CVE-2015-0469Apr 16, 2015affected < 1.6.0_sr16.15-46.1fixed 1.6.0_sr16.15-46.1
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
- CVE-2015-0459Apr 16, 2015affected < 1.6.0_sr16.15-46.1fixed 1.6.0_sr16.15-46.1
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.
- CVE-2015-0458Apr 16, 2015affected < 1.6.0_sr16.15-46.1fixed 1.6.0_sr16.15-46.1
Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
- CVE-2015-2808Apr 1, 2015affected < 1.6.0_sr16.7-10.1fixed 1.6.0_sr16.7-10.1
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing
- CVE-2015-0204Jan 9, 2015affected < 1.6.0_sr16.15-46.1fixed 1.6.0_sr16.15-46.1
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncomp
Page 3 of 3