Test Kennung:	1.3.6.1.4.1.25623.1.0.61256
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2008:0555
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory RHSA-2008:0555. IBM's 1.4.2 SR11 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1187) A buffer overflow flaw was found in Java Web Start (JWS). An untrusted application using the Java Network Launch Protocol (JNLP) could access local files or execute local applications accessible to the user running the JRE. (CVE-2008-1196) All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain IBM's 1.4.2 SR11 Java release which resolves these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0555.html http://www.redhat.com/security/updates/classification/#critical Risk factor : High CVSS Score: 6.8
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1187 http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://dev2dev.bea.com/pub/advisory/277 Cert/CC Advisory: TA08-066A http://www.us-cert.gov/cas/techalerts/TA08-066A.html http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml http://security.gentoo.org/glsa/glsa-200804-28.xml http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml http://jvn.jp/en/jp/JVN04032535/index.html http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278 http://www.redhat.com/support/errata/RHSA-2008-0186.html http://www.redhat.com/support/errata/RHSA-2008-0210.html http://www.redhat.com/support/errata/RHSA-2008-0243.html http://www.redhat.com/support/errata/RHSA-2008-0244.html http://www.redhat.com/support/errata/RHSA-2008-0245.html http://www.redhat.com/support/errata/RHSA-2008-0267.html http://www.redhat.com/support/errata/RHSA-2008-0555.html http://www.securitytracker.com/id?1019548 http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29498 http://secunia.com/advisories/29582 http://secunia.com/advisories/29841 http://secunia.com/advisories/29858 http://secunia.com/advisories/29897 http://secunia.com/advisories/29999 http://secunia.com/advisories/30003 http://secunia.com/advisories/30676 http://secunia.com/advisories/30780 http://secunia.com/advisories/31067 http://secunia.com/advisories/31497 http://secunia.com/advisories/31580 http://secunia.com/advisories/31586 http://secunia.com/advisories/32018 http://sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1 SuSE Security Announcement: SUSE-SA:2008:018 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html SuSE Security Announcement: SUSE-SA:2008:025 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://www.vupen.com/english/advisories/2008/0770/references http://www.vupen.com/english/advisories/2008/1252 http://www.vupen.com/english/advisories/2008/1856/references XForce ISS Database: java-virtualmachine-multiple-priv-escalation(41025) https://exchange.xforce.ibmcloud.com/vulnerabilities/41025 Common Vulnerability Exposure (CVE) ID: CVE-2008-1196 CERT/CC vulnerability note: VU#223028 http://www.kb.cert.org/vuls/id/223028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10412 http://www.securitytracker.com/id?1019552 http://sunsolve.sun.com/search/document.do?assetkey=1-26-233327-1 XForce ISS Database: sun-java-webstart-javaws-bo(41026) https://exchange.xforce.ibmcloud.com/vulnerabilities/41026
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.