ID de Prueba:	1.3.6.1.4.1.25623.1.0.62906
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0817
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0817. IBM's 1.4.2 SR9 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A security vulnerability in the Java Web Start component was discovered. An untrusted application could elevate it's privileges and read and write local files that are accessible to the user running the Java Web Start application. (CVE-2007-2435) A buffer overflow in the image code JRE was found. An untrusted applet or application could use this flaw to elevate its privileges and potentially execute arbitrary code as the user running the java virtual machine. (CVE-2007-3004) An unspecified vulnerability was discovered in the Java Runtime Environment. An untrusted applet or application could cause the java virtual machine to become unresponsive. (CVE-2007-3005) All users of java-1.4.2-ibm should upgrade to these updated packages, which contain IBM's 1.4.2 SR9 Java release that resolves these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0817.html http://www.redhat.com/security/updates/classification/#critical Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2435 http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html http://dev2dev.bea.com/pub/advisory/241 BugTraq ID: 23728 http://www.securityfocus.com/bid/23728 http://www.gentoo.org/security/en/glsa/glsa-200705-23.xml http://security.gentoo.org/glsa/glsa-200706-08.xml http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml http://security.gentoo.org/glsa/glsa-200804-28.xml http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml http://docs.info.apple.com/article.html?artnum=307177 http://osvdb.org/35483 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10999 http://www.redhat.com/support/errata/RHSA-2007-0817.html http://www.redhat.com/support/errata/RHSA-2007-0829.html http://www.redhat.com/support/errata/RHSA-2008-0261.html http://www.securitytracker.com/id?1017986 http://secunia.com/advisories/25069 http://secunia.com/advisories/25283 http://secunia.com/advisories/25413 http://secunia.com/advisories/25474 http://secunia.com/advisories/25832 http://secunia.com/advisories/26311 http://secunia.com/advisories/26369 http://secunia.com/advisories/28115 http://secunia.com/advisories/29858 http://secunia.com/advisories/30780 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 http://www.vupen.com/english/advisories/2007/1598 http://www.vupen.com/english/advisories/2007/1814 http://www.vupen.com/english/advisories/2007/4224 XForce ISS Database: javawebstart-classes-privilege-escalation(33984) https://exchange.xforce.ibmcloud.com/vulnerabilities/33984 Common Vulnerability Exposure (CVE) ID: CVE-2007-3004 Common Vulnerability Exposure (CVE) ID: CVE-2007-3005
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.