Download
| Alert*
oval:org.secpod.oval:def:1505735
[0:1.2.14-6.4.2] - Fix CVE-2022-23302, CVE-2022-23305, CVE-2022-23307, CVE-2017-5645 - [Orabug: 33868008] [0:1.2.14-6.4.1] - Fix remote code execution vulnerability - Resolves: CVE-2021-4104 [Orabug: 33689748] oval:org.secpod.oval:def:112457 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:63999 Oracle Solaris 11 - ( CVE-2017-5645 ) oval:org.secpod.oval:def:112331 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:204601 Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specia ... oval:org.secpod.oval:def:43819 The host is installed with oracle webLogic server 10.3.6.0, 12.1.3.0, 12.2.1.2 or 12.2.1.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle specially crafted binary payloads. Successful exploitation allows an attacker to execute a ... oval:org.secpod.oval:def:502118 Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specia ... oval:org.secpod.oval:def:505072 Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specia ... oval:org.secpod.oval:def:2105837 Oracle Solaris 11 - ( CVE-2017-5645 ) oval:org.secpod.oval:def:1501981 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:112329 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:112442 Log4j is a tool to help the programmer output log statements to a variety of output targets. oval:org.secpod.oval:def:1601506 It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger ... oval:org.secpod.oval:def:47392 The host is installed with oracle fusion middleware mapViewer 12.2.1.2 or 12.2.1.3 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle the install (Apache Log4j) component issue. Successful exploitation allows an attacker to execute arbi ... oval:org.secpod.oval:def:1700806 A flaw was found in the Java logging library Apache Log4j in version 1.x . This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender. This flaw has been filed for Log4j 1.x, the corresponding flaw information for Log4j 2.x is available a ... |