Tagged: oracle

Thumbnail 0

TA15-119A: Top 30 Targeted High Risk Vulnerabilities

Original release date: April 29, 2015 Systems Affected Systems running unpatched software from Adobe, Microsoft, Oracle, or OpenSSL.  Overview Cyber threat actors continue to exploit unpatched software to conduct attacks against critical infrastructure organizations. As many as 85 percent of targeted attacks are preventable [1] . This Alert provides information on the 30 most commonly exploited vulnerabilities used in these attacks, along with prevention and mitigation recommendations.

SB15-110: Vulnerability Summary for the Week of April 13, 2015 0

SB15-110: Vulnerability Summary for the Week of April 13, 2015

Original release date: April 20, 2015 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT).

VMware Product Updates Address Critical Information Disclosure Issue In JRE, (Sat, Apr 4th) 0

VMware Product Updates Address Critical Information Disclosure Issue In JRE, (Sat, Apr 4th)

VMSA-2015-0003 Oracle JRE is updated in VMware products to address a critical security issue that existed in earlier releases of Oracle JRE. VMware products running JRE 1.7 Update 75 or newer and JRE 1.6 Update 91 or newer are not vulnerable to CVE-2014-6593, as documented in the Oracle Java SE Critical Patch Update Advisory of January 2015. (c) SANS Internet Storm Center.