rpm package
suse/java-1_6_0-ibm&distro=SUSE Linux Enterprise Module for Legacy 12
pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2012
Vulnerabilities (104)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-1931 | — | < 1.6.0_sr16.7-22.2 | 1.6.0_sr16.7-22.2 | Jan 23, 2020 | IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive | ||
| CVE-2017-10388 | Hig | 7.5 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with netw | |
| CVE-2017-10357 | Med | 5.3 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with ne | |
| CVE-2017-10356 | Med | 6.2 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthent | |
| CVE-2017-10355 | Med | 5.3 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthe | |
| CVE-2017-10350 | Med | 5.3 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access v | |
| CVE-2017-10349 | Med | 5.3 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc | |
| CVE-2017-10348 | Med | 5.3 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with networ | |
| CVE-2017-10347 | Med | 5.3 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc | |
| CVE-2017-10346 | Cri | 9.6 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network | |
| CVE-2017-10345 | Low | 3.1 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows un | |
| CVE-2017-10295 | Med | 4.0 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unaut | |
| CVE-2017-10293 | Med | 6.1 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Succ | |
| CVE-2017-10285 | Cri | 9.6 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acce | |
| CVE-2017-10281 | Med | 5.3 | < 1.6.0_sr16.50-50.3.1 | 1.6.0_sr16.50-50.3.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unau | |
| CVE-2016-9843 | Cri | 9.8 | < 1.6.0_sr16.45-49.1 | 1.6.0_sr16.45-49.1 | May 23, 2017 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | |
| CVE-2016-9842 | Hig | 8.8 | < 1.6.0_sr16.45-49.1 | 1.6.0_sr16.45-49.1 | May 23, 2017 | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. | |
| CVE-2016-9841 | Cri | 9.8 | < 1.6.0_sr16.45-49.1 | 1.6.0_sr16.45-49.1 | May 23, 2017 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |
| CVE-2016-9840 | Hig | 8.8 | < 1.6.0_sr16.45-49.1 | 1.6.0_sr16.45-49.1 | May 23, 2017 | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |
| CVE-2017-1289 | Hig | 8.2 | < 1.6.0_sr16.45-49.1 | 1.6.0_sr16.45-49.1 | May 22, 2017 | IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150. |
- CVE-2015-1931Jan 23, 2020affected < 1.6.0_sr16.7-22.2fixed 1.6.0_sr16.7-22.2
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with netw
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with ne
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthent
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthe
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access v
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with networ
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows un
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unaut
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Succ
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acce
- affected < 1.6.0_sr16.50-50.3.1fixed 1.6.0_sr16.50-50.3.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unau
- affected < 1.6.0_sr16.45-49.1fixed 1.6.0_sr16.45-49.1
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
- affected < 1.6.0_sr16.45-49.1fixed 1.6.0_sr16.45-49.1
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
- affected < 1.6.0_sr16.45-49.1fixed 1.6.0_sr16.45-49.1
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
- affected < 1.6.0_sr16.45-49.1fixed 1.6.0_sr16.45-49.1
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
- affected < 1.6.0_sr16.45-49.1fixed 1.6.0_sr16.45-49.1
IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150.
Page 1 of 6