rpm package
suse/java-1_6_0-ibm&distro=SUSE Linux Enterprise Point of Sale 11 SP3
pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3
Vulnerabilities (32)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-10388 | Hig | 7.5 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with netw | |
| CVE-2017-10357 | Med | 5.3 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with ne | |
| CVE-2017-10356 | Med | 6.2 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthent | |
| CVE-2017-10355 | Med | 5.3 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthe | |
| CVE-2017-10350 | Med | 5.3 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access v | |
| CVE-2017-10349 | Med | 5.3 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc | |
| CVE-2017-10348 | Med | 5.3 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with networ | |
| CVE-2017-10347 | Med | 5.3 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc | |
| CVE-2017-10346 | Cri | 9.6 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network | |
| CVE-2017-10345 | Low | 3.1 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows un | |
| CVE-2017-10295 | Med | 4.0 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unaut | |
| CVE-2017-10293 | Med | 6.1 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Succ | |
| CVE-2017-10285 | Cri | 9.6 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acce | |
| CVE-2017-10281 | Med | 5.3 | < 1.6.0_sr16.50-85.5.1 | 1.6.0_sr16.50-85.5.1 | Oct 19, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unau | |
| CVE-2016-9843 | Cri | 9.8 | < 1.6.0_sr16.45-84.1 | 1.6.0_sr16.45-84.1 | May 23, 2017 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | |
| CVE-2016-9842 | Hig | 8.8 | < 1.6.0_sr16.45-84.1 | 1.6.0_sr16.45-84.1 | May 23, 2017 | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. | |
| CVE-2016-9841 | Cri | 9.8 | < 1.6.0_sr16.45-84.1 | 1.6.0_sr16.45-84.1 | May 23, 2017 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |
| CVE-2016-9840 | Hig | 8.8 | < 1.6.0_sr16.45-84.1 | 1.6.0_sr16.45-84.1 | May 23, 2017 | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |
| CVE-2017-1289 | Hig | 8.2 | < 1.6.0_sr16.45-84.1 | 1.6.0_sr16.45-84.1 | May 22, 2017 | IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150. | |
| CVE-2017-3544 | Low | 3.7 | < 1.6.0_sr16.45-84.1 | 1.6.0_sr16.45-84.1 | Apr 24, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen |
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with netw
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with ne
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthent
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthe
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access v
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with networ
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows un
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unaut
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Succ
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acce
- affected < 1.6.0_sr16.50-85.5.1fixed 1.6.0_sr16.50-85.5.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unau
- affected < 1.6.0_sr16.45-84.1fixed 1.6.0_sr16.45-84.1
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
- affected < 1.6.0_sr16.45-84.1fixed 1.6.0_sr16.45-84.1
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
- affected < 1.6.0_sr16.45-84.1fixed 1.6.0_sr16.45-84.1
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
- affected < 1.6.0_sr16.45-84.1fixed 1.6.0_sr16.45-84.1
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
- affected < 1.6.0_sr16.45-84.1fixed 1.6.0_sr16.45-84.1
IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150.
- affected < 1.6.0_sr16.45-84.1fixed 1.6.0_sr16.45-84.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen
Page 1 of 2