English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.870852
Category:Red Hat Local Security Checks
Title:RedHat Update for java-1.6.0-openjdk RHSA-2012:1385-01
Summary:The remote host is missing an update for the 'java-1.6.0-openjdk'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'java-1.6.0-openjdk'
package(s) announced via the referenced advisory.

Vulnerability Insight:
These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

Multiple improper permission check issues were discovered in the Beans,
Swing, and JMX components in OpenJDK. An untrusted Java application or
applet could use these flaws to bypass Java sandbox restrictions.
(CVE-2012-5086, CVE-2012-5084, CVE-2012-5089)

Multiple improper permission check issues were discovered in the Scripting,
JMX, Concurrency, Libraries, and Security components in OpenJDK. An
untrusted Java application or applet could use these flaws to bypass
certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071,
CVE-2012-5069, CVE-2012-5073, CVE-2012-5072)

It was discovered that java.util.ServiceLoader could create an instance of
an incompatible class while performing provider lookup. An untrusted Java
application or applet could use this flaw to bypass certain Java sandbox
restrictions. (CVE-2012-5079)

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
java-1.6.0-openjdk on Red Hat Enterprise Linux (v. 5 server)

Solution:
Please Install the Updated Packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-3216
BugTraq ID: 56075
http://www.securityfocus.com/bid/56075
http://security.gentoo.org/glsa/glsa-201406-32.xml
HPdes Security Advisory: HPSBOV02833
http://marc.info/?l=bugtraq&m=135758563611658&w=2
HPdes Security Advisory: HPSBUX02832
http://marc.info/?l=bugtraq&m=135542848327757&w=2
HPdes Security Advisory: SSRT101042
HPdes Security Advisory: SSRT101043
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16538
RedHat Security Advisories: RHSA-2012:1385
http://rhn.redhat.com/errata/RHSA-2012-1385.html
RedHat Security Advisories: RHSA-2012:1386
http://rhn.redhat.com/errata/RHSA-2012-1386.html
RedHat Security Advisories: RHSA-2012:1391
http://rhn.redhat.com/errata/RHSA-2012-1391.html
RedHat Security Advisories: RHSA-2012:1392
http://rhn.redhat.com/errata/RHSA-2012-1392.html
RedHat Security Advisories: RHSA-2012:1465
http://rhn.redhat.com/errata/RHSA-2012-1465.html
RedHat Security Advisories: RHSA-2012:1466
http://rhn.redhat.com/errata/RHSA-2012-1466.html
RedHat Security Advisories: RHSA-2012:1467
http://rhn.redhat.com/errata/RHSA-2012-1467.html
RedHat Security Advisories: RHSA-2013:1455
http://rhn.redhat.com/errata/RHSA-2013-1455.html
RedHat Security Advisories: RHSA-2013:1456
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://secunia.com/advisories/51028
http://secunia.com/advisories/51029
http://secunia.com/advisories/51141
http://secunia.com/advisories/51166
http://secunia.com/advisories/51313
http://secunia.com/advisories/51315
http://secunia.com/advisories/51326
http://secunia.com/advisories/51327
http://secunia.com/advisories/51328
http://secunia.com/advisories/51390
http://secunia.com/advisories/51393
http://secunia.com/advisories/51438
SuSE Security Announcement: SUSE-SU-2012:1398 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
SuSE Security Announcement: SUSE-SU-2012:1489 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html
SuSE Security Announcement: SUSE-SU-2012:1490 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html
SuSE Security Announcement: SUSE-SU-2012:1595 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html
SuSE Security Announcement: openSUSE-SU-2012:1423 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-4416
BugTraq ID: 55501
http://www.securityfocus.com/bid/55501
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16623
Common Vulnerability Exposure (CVE) ID: CVE-2012-5068
BugTraq ID: 56076
http://www.securityfocus.com/bid/56076
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16533
XForce ISS Database: javaruntimeenvironment-lib-cve20125068(79425)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79425
Common Vulnerability Exposure (CVE) ID: CVE-2012-5069
BugTraq ID: 56065
http://www.securityfocus.com/bid/56065
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16685
XForce ISS Database: javaruntimeenvironment-cc-cve20125069(79428)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79428
Common Vulnerability Exposure (CVE) ID: CVE-2012-5071
BugTraq ID: 56061
http://www.securityfocus.com/bid/56061
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16227
XForce ISS Database: javaruntimeenvironment-jmx-cve20125071(79427)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79427
Common Vulnerability Exposure (CVE) ID: CVE-2012-5072
BugTraq ID: 56083
http://www.securityfocus.com/bid/56083
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16522
XForce ISS Database: javaruntimeenvironment-security-info-disc(79434)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79434
Common Vulnerability Exposure (CVE) ID: CVE-2012-5073
BugTraq ID: 56080
http://www.securityfocus.com/bid/56080
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16466
XForce ISS Database: javaruntimeenvironment-lib-cve20125073(79432)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79432
Common Vulnerability Exposure (CVE) ID: CVE-2012-5075
BugTraq ID: 56081
http://www.securityfocus.com/bid/56081
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16684
XForce ISS Database: javaruntimeenvironment-comjmx-info-disc(79431)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79431
Common Vulnerability Exposure (CVE) ID: CVE-2012-5077
BugTraq ID: 56058
http://www.securityfocus.com/bid/56058
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16585
XForce ISS Database: javaruntimeenvironment-sec-info-disc(79437)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79437
Common Vulnerability Exposure (CVE) ID: CVE-2012-5079
BugTraq ID: 56082
http://www.securityfocus.com/bid/56082
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16602
XForce ISS Database: javaruntimeenvironment-lib-cve20125079(79433)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79433
Common Vulnerability Exposure (CVE) ID: CVE-2012-5081
BugTraq ID: 56071
http://www.securityfocus.com/bid/56071
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16043
Common Vulnerability Exposure (CVE) ID: CVE-2012-5084
BugTraq ID: 56063
http://www.securityfocus.com/bid/56063
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16553
XForce ISS Database: javaruntimeenvironment-swing-cve20125084(79423)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79423
Common Vulnerability Exposure (CVE) ID: CVE-2012-5085
BugTraq ID: 56067
http://www.securityfocus.com/bid/56067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16654
Common Vulnerability Exposure (CVE) ID: CVE-2012-5086
BugTraq ID: 56039
http://www.securityfocus.com/bid/56039
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16387
XForce ISS Database: javaruntimeenvironment-beans-cve20125086(79414)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79414
Common Vulnerability Exposure (CVE) ID: CVE-2012-5089
BugTraq ID: 56059
http://www.securityfocus.com/bid/56059
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16506
XForce ISS Database: javaruntimeenvironment-jmx-cve20125089(79422)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79422
CopyrightCopyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.