Test ID:	1.3.6.1.4.1.25623.1.0.831544
Category:	Mandrake Local Security Checks
Title:	Mandriva Update for java-1.6.0-openjdk MDVSA-2012:021 (java-1.6.0-openjdk)
Summary:	The remote host is missing an update for the 'java-1.6.0-openjdk'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'java-1.6.0-openjdk' package(s) announced via the referenced advisory. Vulnerability Insight: Multiple security issues were identified and fixed in OpenJDK (icedtea6): Fix issues in java sound (CVE-2011-3563). Fix in AtomicReferenceArray (CVE-2011-3571). Add property to limit number of request headers to the HTTP Server (CVE-2011-5035). Incorrect checking for graphics rendering object (CVE-2012-0497). Multiple unspecified vulnerabilities allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors (CVE-2012-0498. CVE-2012-0499, CVE-2012-0500). Better input parameter checking in zip file processing (CVE-2012-0501). Issues with some KeyboardFocusManager method (CVE-2012-0502). Issues with TimeZone class (CVE-2012-0503). Enhance exception throwing mechanism in ObjectStreamClass (CVE-2012-0505). Issues with some method in corba (CVE-2012-0506). The updated packages provides icedtea6-1.10.6 which is not vulnerable to these issues. Affected Software/OS: java-1.6.0-openjdk on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2, Mandriva Linux 2010.1 Solution: Please Install the Updated Packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3563 BugTraq ID: 52012 http://www.securityfocus.com/bid/52012 Debian Security Information: DSA-2420 (Google Search) http://www.debian.org/security/2012/dsa-2420 http://security.gentoo.org/glsa/glsa-201406-32.xml HPdes Security Advisory: HPSBMU02797 http://marc.info/?l=bugtraq&m=134254957702612&w=2 HPdes Security Advisory: HPSBMU02799 http://marc.info/?l=bugtraq&m=134254866602253&w=2 HPdes Security Advisory: HPSBUX02757 http://marc.info/?l=bugtraq&m=133364885411663&w=2 HPdes Security Advisory: HPSBUX02760 http://marc.info/?l=bugtraq&m=133365109612558&w=2 HPdes Security Advisory: HPSBUX02777 http://marc.info/?l=bugtraq&m=133728004526190&w=2 HPdes Security Advisory: HPSBUX02784 http://marc.info/?l=bugtraq&m=133847939902305&w=2 HPdes Security Advisory: SSRT100779 HPdes Security Advisory: SSRT100805 HPdes Security Advisory: SSRT100854 HPdes Security Advisory: SSRT100867 HPdes Security Advisory: SSRT100871 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14942 RedHat Security Advisories: RHSA-2012:0508 http://rhn.redhat.com/errata/RHSA-2012-0508.html RedHat Security Advisories: RHSA-2012:0514 http://rhn.redhat.com/errata/RHSA-2012-0514.html RedHat Security Advisories: RHSA-2012:0702 http://rhn.redhat.com/errata/RHSA-2012-0702.html RedHat Security Advisories: RHSA-2012:1080 http://rhn.redhat.com/errata/RHSA-2012-1080.html RedHat Security Advisories: RHSA-2013:1455 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/48073 http://secunia.com/advisories/48074 http://secunia.com/advisories/48589 http://secunia.com/advisories/48692 http://secunia.com/advisories/48915 http://secunia.com/advisories/48948 http://secunia.com/advisories/48950 http://secunia.com/advisories/49198 SuSE Security Announcement: SUSE-SU-2012:0602 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html SuSE Security Announcement: SUSE-SU-2012:0603 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html SuSE Security Announcement: SUSE-SU-2012:0734 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00009.html SuSE Security Announcement: SUSE-SU-2012:0881 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00007.html SuSE Security Announcement: SUSE-SU-2012:1013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00015.html Common Vulnerability Exposure (CVE) ID: CVE-2011-3571 http://secunia.com/advisories/50897 SuSE Security Announcement: openSUSE-SU-2012:1323 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-10/msg00041.html Common Vulnerability Exposure (CVE) ID: CVE-2011-5035 Bugtraq: 20111228 n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table (Google Search) http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html CERT/CC vulnerability note: VU#903934 http://www.kb.cert.org/vuls/id/903934 HPdes Security Advisory: HPSBST02955 http://marc.info/?l=bugtraq&m=139344343412337&w=2 http://www.nruns.com/_downloads/advisory28122011.pdf http://www.ocert.org/advisories/ocert-2011-003.html https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16908 http://secunia.com/advisories/57126 Common Vulnerability Exposure (CVE) ID: CVE-2012-0497 BugTraq ID: 52009 http://www.securityfocus.com/bid/52009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14772 Common Vulnerability Exposure (CVE) ID: CVE-2012-0498 BugTraq ID: 52019 http://www.securityfocus.com/bid/52019 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15075 Common Vulnerability Exposure (CVE) ID: CVE-2012-0499 BugTraq ID: 52016 http://www.securityfocus.com/bid/52016 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14878 Common Vulnerability Exposure (CVE) ID: CVE-2012-0500 BugTraq ID: 52015 http://www.securityfocus.com/bid/52015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14844 Common Vulnerability Exposure (CVE) ID: CVE-2012-0501 BugTraq ID: 52013 http://www.securityfocus.com/bid/52013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15069 Common Vulnerability Exposure (CVE) ID: CVE-2012-0502 BugTraq ID: 52011 http://www.securityfocus.com/bid/52011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14900 Common Vulnerability Exposure (CVE) ID: CVE-2012-0503 BugTraq ID: 52018 http://www.securityfocus.com/bid/52018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14813 Common Vulnerability Exposure (CVE) ID: CVE-2012-0505 BugTraq ID: 52017 http://www.securityfocus.com/bid/52017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13976 Common Vulnerability Exposure (CVE) ID: CVE-2012-0506 BugTraq ID: 52014 http://www.securityfocus.com/bid/52014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14082
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.