Conectiva Local Security Checks : Conectiva Security Advisory CLSA-2005:977 (sun-jre)

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55069

Categoría: Conectiva Local Security Checks

Título: Conectiva Security Advisory CLSA-2005:977 (sun-jre)

Resumen: Conectiva Security Advisory CLSA-2005:977 (sun-jre)

Descripción:
The remote host is missing updates announced in
advisory CLSA-2005:977.

1. CVE-2005-0836
Jouko Pynnonen reported a vulnerability in Java
Web Start which allows applications to escape the
java sandbox and thus obtain higher privileges,
such as being able to read and write to local files
and execute other programs.

2. CVE-2005-1974
Adam Gowdiak reported a vulnerability in the JRE
where an untrusted appled may elevate its privileges.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000977
http://www.javasoft.com
http://marc.theaimsgroup.com/?l=full-disclosure&m=111117284323657&w=2

Risk factor : Critical

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0836
http://marc.theaimsgroup.com/?l=full-disclosure&m=111117284323657&w=2
http://jouko.iki.fi/adv/ws.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1
http://www.gentoo.org/security/en/glsa/glsa-200503-28.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200255-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000200.1-1
SuSE Security Announcement: SUSE-SA:2005:032 (Google Search)
http://www.novell.com/linux/security/advisories/2005_32_java2.html
BugTraq ID: 12847
http://www.securityfocus.com/bid/12847
http://secunia.com/advisories/14640
Common Vulnerability Exposure (CVE) ID: CVE-2005-1974
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1
HPdes Security Advisory: HPSBUX01215
http://marc.theaimsgroup.com/?l=bugtraq&m=112861772130119&w=2
HPdes Security Advisory: SSRT051004
HPdes Security Advisory: HPSBMA01234
http://marc.theaimsgroup.com/?l=bugtraq&m=112992075412844&w=2
HPdes Security Advisory: SSRT051052
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101799-1
BugTraq ID: 13958
http://www.securityfocus.com/bid/13958
http://www.vupen.com/english/advisories/2005/2150
http://securitytracker.com/id?1015643
http://secunia.com/advisories/17272
http://securityreason.com/securityalert/56

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55069
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLSA-2005:977 (sun-jre)
Resumen:	Conectiva Security Advisory CLSA-2005:977 (sun-jre)
Descripción:	The remote host is missing updates announced in advisory CLSA-2005:977. 1. CVE-2005-0836 Jouko Pynnonen reported a vulnerability in Java Web Start which allows applications to escape the java sandbox and thus obtain higher privileges, such as being able to read and write to local files and execute other programs. 2. CVE-2005-1974 Adam Gowdiak reported a vulnerability in the JRE where an untrusted appled may elevate its privileges. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000977 http://www.javasoft.com http://marc.theaimsgroup.com/?l=full-disclosure&m=111117284323657&w=2 Risk factor : Critical
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0836 http://marc.theaimsgroup.com/?l=full-disclosure&m=111117284323657&w=2 http://jouko.iki.fi/adv/ws.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1 http://www.gentoo.org/security/en/glsa/glsa-200503-28.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-200255-1 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000200.1-1 SuSE Security Announcement: SUSE-SA:2005:032 (Google Search) http://www.novell.com/linux/security/advisories/2005_32_java2.html BugTraq ID: 12847 http://www.securityfocus.com/bid/12847 http://secunia.com/advisories/14640 Common Vulnerability Exposure (CVE) ID: CVE-2005-1974 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1 HPdes Security Advisory: HPSBUX01215 http://marc.theaimsgroup.com/?l=bugtraq&m=112861772130119&w=2 HPdes Security Advisory: SSRT051004 HPdes Security Advisory: HPSBMA01234 http://marc.theaimsgroup.com/?l=bugtraq&m=112992075412844&w=2 HPdes Security Advisory: SSRT051052 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101799-1 BugTraq ID: 13958 http://www.securityfocus.com/bid/13958 http://www.vupen.com/english/advisories/2005/2150 http://securitytracker.com/id?1015643 http://secunia.com/advisories/17272 http://securityreason.com/securityalert/56
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com