Veracode Vulnerability DatabaseVERACODE:24645Denial Of Service (DoS)
0.027 Low
EPSS
Percentile
90.5%
openjdk is vulnerable to denial of service. A flaw was found in the XML Digital Signature component in OpenJDK. Untrusted code could use this flaw to replace the Java Runtime Environment (JRE) XML Digital Signature Transform or C14N algorithm implementations to intercept digital signature operations.
References
lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html
lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html
marc.info/?l=bugtraq&m=134254866602253&w=2
marc.info/?l=bugtraq&m=134254957702612&w=2
secunia.com/advisories/43350
security.gentoo.org/glsa/glsa-201406-32.xml
www.debian.org/security/2011/dsa-2224
www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html
www.mandriva.com/security/advisories?name=MDVSA-2011:054
www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html
www.redhat.com/support/errata/RHSA-2011-0281.html
www.redhat.com/support/errata/RHSA-2011-0282.html
www.securityfocus.com/bid/46404
access.redhat.com/errata/RHSA-2011:0281
access.redhat.com/security/updates/classification/#important
exchange.xforce.ibmcloud.com/vulnerabilities/65411
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12903
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14118
Related
