ID de Prueba:	1.3.6.1.4.1.25623.1.0.60846
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2008:0243
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2008:0243. The BEA WebLogic JRockit 1.4.2_16 JRE and SDK contains BEA WebLogic JRockit Virtual Machine 1.4.2_16 and is certified for the Java 2 Platform, Standard Edition, v1.4.2. A flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1187) Please note: This vulnerability can only be triggered in java-1.4.2-bea by calling the appletviewer application. All java-1.4.2-bea users should upgrade to this updated package which addresses this vulnerability. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0243.html http://dev2dev.bea.com/pub/advisory/277 http://www.redhat.com/security/updates/classification/#moderate Risk factor : High CVSS Score: 6.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1187 http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://dev2dev.bea.com/pub/advisory/277 Cert/CC Advisory: TA08-066A http://www.us-cert.gov/cas/techalerts/TA08-066A.html http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml http://security.gentoo.org/glsa/glsa-200804-28.xml http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml http://jvn.jp/en/jp/JVN04032535/index.html http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278 http://www.redhat.com/support/errata/RHSA-2008-0186.html http://www.redhat.com/support/errata/RHSA-2008-0210.html http://www.redhat.com/support/errata/RHSA-2008-0243.html http://www.redhat.com/support/errata/RHSA-2008-0244.html http://www.redhat.com/support/errata/RHSA-2008-0245.html http://www.redhat.com/support/errata/RHSA-2008-0267.html http://www.redhat.com/support/errata/RHSA-2008-0555.html http://www.securitytracker.com/id?1019548 http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29498 http://secunia.com/advisories/29582 http://secunia.com/advisories/29841 http://secunia.com/advisories/29858 http://secunia.com/advisories/29897 http://secunia.com/advisories/29999 http://secunia.com/advisories/30003 http://secunia.com/advisories/30676 http://secunia.com/advisories/30780 http://secunia.com/advisories/31067 http://secunia.com/advisories/31497 http://secunia.com/advisories/31580 http://secunia.com/advisories/31586 http://secunia.com/advisories/32018 http://sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1 SuSE Security Announcement: SUSE-SA:2008:018 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html SuSE Security Announcement: SUSE-SA:2008:025 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://www.vupen.com/english/advisories/2008/0770/references http://www.vupen.com/english/advisories/2008/1252 http://www.vupen.com/english/advisories/2008/1856/references XForce ISS Database: java-virtualmachine-multiple-priv-escalation(41025) https://exchange.xforce.ibmcloud.com/vulnerabilities/41025
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.