Test ID:	1.3.6.1.4.1.25623.1.0.123832
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2012-1223)
Summary:	The remote host is missing an update for the 'java-1.7.0-openjdk' package(s) announced via the ELSA-2012-1223 advisory.
Description:	Summary: The remote host is missing an update for the 'java-1.7.0-openjdk' package(s) announced via the ELSA-2012-1223 advisory. Vulnerability Insight: [1.7.0.5-2.2.1.0.1.el6_3.3] - Modify DISTRO_NAME for Oracle [1.7.0.5-2.2.1.el6.3] - Removed patch 304 java-1.7.0-openjdk-beans-isPackageAccessible.patch - Applied upstream patches for same issue: patch 1001 sec-webrevs-openjdk7-29_aug_2012-7162473.patch patch 1002 sec-webrevs-openjdk7-29_aug_2012-7162476.patch patch 1003 sec-webrevs-openjdk7-29_aug_2012-7163201.patch patch 1004 sec-webrevs-openjdk7-29_aug_2012-7194567.patch patch 1005 sec-webrevs-openjdk7-29_aug_2012-78e01a6ca8d3.patch - Resolves: rhbz#852299 [1.7.0.5-2.2.1.1.el6] - Added patch 304 java-1.7.0-openjdk-beans-isPackageAccessible.patch to fix vulnerability until it is fixed in upstream sources. - Resolves: rhbz#852299 Affected Software/OS: 'java-1.7.0-openjdk' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0547 BugTraq ID: 55339 http://www.securityfocus.com/bid/55339 http://security.gentoo.org/glsa/glsa-201406-32.xml HPdes Security Advisory: HPSBUX02824 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03533078 HPdes Security Advisory: HPSBUX02825 http://marc.info/?l=bugtraq&m=135161897205627&w=2 HPdes Security Advisory: SSRT100970 HPdes Security Advisory: SSRT100974 RedHat Security Advisories: RHSA-2012:1222 http://rhn.redhat.com/errata/RHSA-2012-1222.html RedHat Security Advisories: RHSA-2012:1225 http://rhn.redhat.com/errata/RHSA-2012-1225.html RedHat Security Advisories: RHSA-2012:1392 http://rhn.redhat.com/errata/RHSA-2012-1392.html RedHat Security Advisories: RHSA-2012:1466 http://rhn.redhat.com/errata/RHSA-2012-1466.html RedHat Security Advisories: RHSA-2013:1455 http://rhn.redhat.com/errata/RHSA-2013-1455.html RedHat Security Advisories: RHSA-2013:1456 http://rhn.redhat.com/errata/RHSA-2013-1456.html http://secunia.com/advisories/51044 http://secunia.com/advisories/51141 http://secunia.com/advisories/51327 SuSE Security Announcement: SUSE-SU-2012:1148 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00006.html SuSE Security Announcement: SUSE-SU-2012:1231 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html SuSE Security Announcement: openSUSE-SU-2012:1175 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00019.html http://www.ubuntu.com/usn/USN-1553-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-1682 http://marc.info/?l=bugtraq&m=135109152819176&w=2 Common Vulnerability Exposure (CVE) ID: CVE-2012-3136 Common Vulnerability Exposure (CVE) ID: CVE-2012-4681 BugTraq ID: 55213 http://www.securityfocus.com/bid/55213 Cert/CC Advisory: TA12-240A http://www.us-cert.gov/cas/techalerts/TA12-240A.html http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/ http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day SuSE Security Announcement: SUSE-SU-2012:1398 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.