Showing 1 - 16 of 16

CVE-2019-2988

Status Candidate

Overview

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).

Related Files

Red Hat Security Advisory 2020-0046-01: Posted Jan 7, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-0046-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-17631, CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999; SHA-256 | 7afc9a0d7aac85fc76e9e8bed71610847e2271baa85e26dc197531371f68b7f0; Download | Favorite | View

Red Hat Security Advisory 2020-0006-01: Posted Jan 2, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-0006-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-17631, CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999; SHA-256 | 382993010ac05d907c5a1d15310abff9dfd89a6736983922f2cbededcbc94954; Download | Favorite | View

Ubuntu Security Notice USN-4223-1: Posted Dec 18, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4223-1 - Jan Jancar, Petr Svenda, and Vladimir Sedlacek discovered that a side- channel vulnerability existed in the ECDSA implementation in OpenJDK. An Attacker could use this to expose sensitive information. It was discovered that the Socket implementation in OpenJDK did not properly restrict the creation of subclasses with a custom Socket implementation. An attacker could use this to specially create a Java class that could possibly bypass Java sandbox restrictions. Various other issues were also addressed.; tags | advisory, java; systems | linux, ubuntu; advisories | CVE-2019-2894, CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 3e331b7ac5ae58746f0340a4b804d07d2cca4361bab05931f9b147f931602d1c; Download | Favorite | View

Red Hat Security Advisory 2019-4115-01: Posted Dec 9, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-4115-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-17631, CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999; SHA-256 | 4b71d33f382e5e49154dc2716af7399bcee7a7701f8ea51cc94e0891474b32ec; Download | Favorite | View

Red Hat Security Advisory 2019-4113-01: Posted Dec 9, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-4113-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-17631, CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2996, CVE-2019-2999; SHA-256 | d666e814e18905e238d69e35f214f6c18b5e35e57e865b5590848b0321d14169; Download | Favorite | View

Red Hat Security Advisory 2019-4109-01: Posted Dec 5, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-4109-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP55. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 968d959fde4c2a03c012fae36e23646bf2dfebf2fe41f0a770f14c22863f148f; Download | Favorite | View

Red Hat Security Advisory 2019-4110-01: Posted Dec 5, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-4110-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP55. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | c2163794ac91d134a60d9ad2a503a0c2c6e311293f7fe330faa334d9d3bd401a; Download | Favorite | View

Debian Security Advisory 4548-1: Posted Oct 21, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4548-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in cross-site scripting, denial of service, information disclosure or Kerberos user impersonation.; tags | advisory, java, denial of service, vulnerability, xss, info disclosure; systems | linux, debian; advisories | CVE-2019-2894, CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | b8bcde877f6272bcd32a05a018a9cdc9bc6dcdb15213d3642b3e1c40a0a17efb; Download | Favorite | View

Debian Security Advisory 4546-1: Posted Oct 21, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4546-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in cross-site scripting, denial of service, information disclosure or Kerberos user impersonation.; tags | advisory, java, denial of service, vulnerability, xss, info disclosure; systems | linux, debian; advisories | CVE-2019-2894, CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 352af449337abb2eb16df71059490cdac5644dd446be50a1aa162a6f50f5bb77; Download | Favorite | View

Red Hat Security Advisory 2019-3157-01: Posted Oct 21, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3157-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 580ca48ccbfadcc5ae46aa7626a2e1e35aa149c3a88c47c63b7636aaf7712e2b; Download | Favorite | View

Red Hat Security Advisory 2019-3158-01: Posted Oct 21, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3158-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 626e0c8ce1feb4d26f15b7e661d30b9fafd9f8a87bf7af2dbb288cb1b0b91e54; Download | Favorite | View

Red Hat Security Advisory 2019-3136-01: Posted Oct 17, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3136-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | fa137af05ab1eed2d55106b7ddfdd5d6f9f043f2af6fada5624bd6ea0acd33cd; Download | Favorite | View

Red Hat Security Advisory 2019-3135-01: Posted Oct 17, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3135-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 46e1c6f46d190bdbb44fd7fcb87b8ac2b92161a07119db2a326bd9ccc20ac4df; Download | Favorite | View

Red Hat Security Advisory 2019-3134-01: Posted Oct 17, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3134-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | c2a52cfd591d9a4a07d5da7bdc673a37b9ac484ad87a4225e8f9ee5c37ee212d; Download | Favorite | View

Red Hat Security Advisory 2019-3127-01: Posted Oct 16, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3127-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2977, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | e2152d3c4f5d1bb85e164ffc79615c747290fb11facd564d6446eed3375165a5; Download | Favorite | View

Red Hat Security Advisory 2019-3128-01: Posted Oct 16, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3128-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include deserialization and null pointer vulnerabilities.; tags | advisory, java, vulnerability; systems | linux, redhat; advisories | CVE-2019-2945, CVE-2019-2949, CVE-2019-2962, CVE-2019-2964, CVE-2019-2973, CVE-2019-2975, CVE-2019-2978, CVE-2019-2981, CVE-2019-2983, CVE-2019-2987, CVE-2019-2988, CVE-2019-2989, CVE-2019-2992, CVE-2019-2999; SHA-256 | 8ce4ddf44adaffb5c974d67b15377c5008f824c164d9241e239a726eae1f5b41; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 235 files
Ubuntu 50 files
Debian 19 files
LiquidWorm 15 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,945)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,987)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2019-2988

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems