rpm package
suse/java-1_7_0-openjdk&distro=SUSE Linux Enterprise Server 12-LTSS
pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS
Vulnerabilities (90)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-10101 | Cri | 9.6 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | Aug 8, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access | |
| CVE-2017-10096 | Cri | 9.6 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | Aug 8, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access | |
| CVE-2017-10090 | Cri | 9.6 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | Aug 8, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access v | |
| CVE-2017-10089 | Cri | 9.6 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | Aug 8, 2017 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja | |
| CVE-2017-10087 | Cri | 9.6 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | Aug 8, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network a | |
| CVE-2017-10086 | Cri | 9.6 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | Aug 8, 2017 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. S | |
| CVE-2017-10081 | Med | 4.3 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | Aug 8, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network acc | |
| CVE-2017-10074 | Hig | 8.3 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | Aug 8, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network a | |
| CVE-2017-10067 | Hig | 7.5 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | Aug 8, 2017 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise | |
| CVE-2017-10053 | Med | 5.3 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | Aug 8, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated at | |
| CVE-2016-9843 | Cri | 9.8 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | May 23, 2017 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | |
| CVE-2016-9842 | Hig | 8.8 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | May 23, 2017 | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. | |
| CVE-2016-9841 | Cri | 9.8 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | May 23, 2017 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |
| CVE-2016-9840 | Hig | 8.8 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | May 23, 2017 | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | |
| CVE-2016-10165 | Hig | 7.1 | < 1.7.0.161-43.7.6 | 1.7.0.161-43.7.6 | Feb 3, 2017 | The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. | |
| CVE-2017-3289 | Cri | 9.6 | < 1.7.0.131-39.1 | 1.7.0.131-39.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via | |
| CVE-2017-3272 | Cri | 9.6 | < 1.7.0.131-39.1 | 1.7.0.131-39.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a | |
| CVE-2017-3261 | Med | 4.3 | < 1.7.0.131-39.1 | 1.7.0.131-39.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network | |
| CVE-2017-3260 | Hig | 8.3 | < 1.7.0.131-39.1 | 1.7.0.131-39.1 | Jan 27, 2017 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Su | |
| CVE-2017-3259 | Low | 3.7 | < 1.7.0.131-39.1 | 1.7.0.131-39.1 | Jan 27, 2017 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi |
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access v
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network a
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. S
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network acc
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network a
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated at
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
- affected < 1.7.0.161-43.7.6fixed 1.7.0.161-43.7.6
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
- affected < 1.7.0.131-39.1fixed 1.7.0.131-39.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via
- affected < 1.7.0.131-39.1fixed 1.7.0.131-39.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a
- affected < 1.7.0.131-39.1fixed 1.7.0.131-39.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network
- affected < 1.7.0.131-39.1fixed 1.7.0.131-39.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Su
- affected < 1.7.0.131-39.1fixed 1.7.0.131-39.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi
Page 4 of 5