rpm package

suse/java-1_8_0-openjdk&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

pkg:rpm/suse/java-1_8_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Vulnerabilities (190)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2016-5597	Med	5.9	< 1.8.0.111-17.1	1.8.0.111-17.1	Oct 25, 2016	Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.
CVE-2016-5582	Cri	9.6	< 1.8.0.111-17.1	1.8.0.111-17.1	Oct 25, 2016	Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5573.
CVE-2016-5573	Hig	8.3	< 1.8.0.111-17.1	1.8.0.111-17.1	Oct 25, 2016	Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
CVE-2016-5568	Cri	9.6	< 1.8.0.111-17.1	1.8.0.111-17.1	Oct 25, 2016	Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
CVE-2016-5556	Cri	9.6	< 1.8.0.111-17.1	1.8.0.111-17.1	Oct 25, 2016	Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.
CVE-2016-5554	Med	4.3	< 1.8.0.111-17.1	1.8.0.111-17.1	Oct 25, 2016	Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to JMX.
CVE-2016-5542	Low	3.1	< 1.8.0.111-17.1	1.8.0.111-17.1	Oct 25, 2016	Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries.
CVE-2016-2183	Hig	7.5	< 1.8.0.121-20.1	1.8.0.121-20.1	Sep 1, 2016	The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-dura
CVE-2016-2834	Hig	8.8	< 1.8.0.121-23.4	1.8.0.121-23.4	Jun 13, 2016	Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2016-1950	Hig	8.8	< 1.8.0.121-23.4	1.8.0.121-23.4	Mar 13, 2016	Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509

CVE-2016-5597MedOct 25, 2016
affected < 1.8.0.111-17.1fixed 1.8.0.111-17.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.
CVE-2016-5582CriOct 25, 2016
affected < 1.8.0.111-17.1fixed 1.8.0.111-17.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5573.
CVE-2016-5573HigOct 25, 2016
affected < 1.8.0.111-17.1fixed 1.8.0.111-17.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
CVE-2016-5568CriOct 25, 2016
affected < 1.8.0.111-17.1fixed 1.8.0.111-17.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
CVE-2016-5556CriOct 25, 2016
affected < 1.8.0.111-17.1fixed 1.8.0.111-17.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.
CVE-2016-5554MedOct 25, 2016
affected < 1.8.0.111-17.1fixed 1.8.0.111-17.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to JMX.
CVE-2016-5542LowOct 25, 2016
affected < 1.8.0.111-17.1fixed 1.8.0.111-17.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries.
CVE-2016-2183HigSep 1, 2016
affected < 1.8.0.121-20.1fixed 1.8.0.121-20.1
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-dura
CVE-2016-2834HigJun 13, 2016
affected < 1.8.0.121-23.4fixed 1.8.0.121-23.4
Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2016-1950HigMar 13, 2016
affected < 1.8.0.121-23.4fixed 1.8.0.121-23.4
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509

Page 10 of 10