Test Kennung:	1.3.6.1.4.1.25623.1.0.58024
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200702-07 (java)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200702-07.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200702-07. Vulnerability Insight: Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) contain a memory corruption flaw that allows the applets to gain elevated privileges potentially leading to the execute of arbitrary code. Solution: All Sun Java Development Kit 1.5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-java/sun-jdk-1.5.0.10' All Sun Java Development Kit 1.4 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '=dev-java/sun-jdk-1.4.2*' All Sun Java Runtime Environment 1.5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-java/sun-jre-bin-1.5.0.10' All Sun Java Runtime Environment 1.4 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '=dev-java/sun-jre-bin-1.4.2*' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0243 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://dev2dev.bea.com/pub/advisory/242 BugTraq ID: 22085 http://www.securityfocus.com/bid/22085 Bugtraq: 20070117 ZDI-07-005: Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/457159/100/0/threaded Bugtraq: 20070121 Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability Prove Of Concept Exploit (Google Search) http://www.securityfocus.com/archive/1/457638/100/0/threaded Cert/CC Advisory: TA07-022A http://www.us-cert.gov/cas/techalerts/TA07-022A.html CERT/CC vulnerability note: VU#388289 http://www.kb.cert.org/vuls/id/388289 http://www.gentoo.org/security/en/glsa/glsa-200702-07.xml http://security.gentoo.org/glsa/glsa-200702-08.xml HPdes Security Advisory: HPSBUX02196 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00876579 HPdes Security Advisory: SSRT071318 http://docs.info.apple.com/article.html?artnum=307177 http://www.zerodayinitiative.com/advisories/ZDI-07-005.html http://osvdb.org/32834 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11073 http://www.redhat.com/support/errata/RHSA-2007-0166.html http://www.redhat.com/support/errata/RHSA-2007-0167.html http://www.redhat.com/support/errata/RHSA-2007-0956.html http://www.redhat.com/support/errata/RHSA-2008-0261.html http://securitytracker.com/id?1017520 http://secunia.com/advisories/23757 http://secunia.com/advisories/24189 http://secunia.com/advisories/24202 http://secunia.com/advisories/24468 http://secunia.com/advisories/24993 http://secunia.com/advisories/25283 http://secunia.com/advisories/26049 http://secunia.com/advisories/26119 http://secunia.com/advisories/26645 http://secunia.com/advisories/27203 http://secunia.com/advisories/28115 http://securityreason.com/securityalert/2158 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 SuSE Security Announcement: SUSE-SA:2007:045 (Google Search) http://www.novell.com/linux/security/advisories/2007_45_java.html http://www.vupen.com/english/advisories/2007/0211 http://www.vupen.com/english/advisories/2007/0936 http://www.vupen.com/english/advisories/2007/1814 http://www.vupen.com/english/advisories/2007/4224 XForce ISS Database: jre-gif-bo(31537) https://exchange.xforce.ibmcloud.com/vulnerabilities/31537
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.