English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.123981
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2012-0322)
Summary:The remote host is missing an update for the 'java-1.6.0-openjdk' package(s) announced via the ELSA-2012-0322 advisory.
Description:Summary:
The remote host is missing an update for the 'java-1.6.0-openjdk' package(s) announced via the ELSA-2012-0322 advisory.

Vulnerability Insight:
[1.6.0.0-1.25.1.10.6.0.1.el5_8]
- Add oracle-enterprise.patch

[1:1.6.0.0-1.25.1.10.6]
- Updated to IcedTea6 1.10.6
- Resolves: rhbz#787142
- Security fixes
- S7082299: Fix in AtomicReferenceArray
- S7088367: Fix issues in java sound
- S7110683: Issues with some KeyboardFocusManager method
- S7110687: Issues with TimeZone class
- S7110700: Enhance exception throwing mechanism in ObjectStreamClass
- S7110704: Issues with some method in corba
- S7112642: Incorrect checking for graphics rendering object
- S7118283: Better input parameter checking in zip file processing
- S7126960: Add property to limit number of request headers to the HTTP Server
- Bug fixes
- RH580478: Desktop files should not use hardcoded path
- Removed and deleted upstreamed patch7 - name-rmi-fix.patch
- Removed and deleted upstreamed Hugepages patches:
- Source100: 7034464-hugepage.patch
- Source101: 7037939-hugepage.patch
- Source102: 7043564-hugepage.patch

Affected Software/OS:
'java-1.6.0-openjdk' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-3563
BugTraq ID: 52012
http://www.securityfocus.com/bid/52012
Debian Security Information: DSA-2420 (Google Search)
http://www.debian.org/security/2012/dsa-2420
http://security.gentoo.org/glsa/glsa-201406-32.xml
HPdes Security Advisory: HPSBMU02797
http://marc.info/?l=bugtraq&m=134254957702612&w=2
HPdes Security Advisory: HPSBMU02799
http://marc.info/?l=bugtraq&m=134254866602253&w=2
HPdes Security Advisory: HPSBUX02757
http://marc.info/?l=bugtraq&m=133364885411663&w=2
HPdes Security Advisory: HPSBUX02760
http://marc.info/?l=bugtraq&m=133365109612558&w=2
HPdes Security Advisory: HPSBUX02777
http://marc.info/?l=bugtraq&m=133728004526190&w=2
HPdes Security Advisory: HPSBUX02784
http://marc.info/?l=bugtraq&m=133847939902305&w=2
HPdes Security Advisory: SSRT100779
HPdes Security Advisory: SSRT100805
HPdes Security Advisory: SSRT100854
HPdes Security Advisory: SSRT100867
HPdes Security Advisory: SSRT100871
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14942
RedHat Security Advisories: RHSA-2012:0508
http://rhn.redhat.com/errata/RHSA-2012-0508.html
RedHat Security Advisories: RHSA-2012:0514
http://rhn.redhat.com/errata/RHSA-2012-0514.html
RedHat Security Advisories: RHSA-2012:0702
http://rhn.redhat.com/errata/RHSA-2012-0702.html
RedHat Security Advisories: RHSA-2012:1080
http://rhn.redhat.com/errata/RHSA-2012-1080.html
RedHat Security Advisories: RHSA-2013:1455
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://secunia.com/advisories/48073
http://secunia.com/advisories/48074
http://secunia.com/advisories/48589
http://secunia.com/advisories/48692
http://secunia.com/advisories/48915
http://secunia.com/advisories/48948
http://secunia.com/advisories/48950
http://secunia.com/advisories/49198
SuSE Security Announcement: SUSE-SU-2012:0602 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
SuSE Security Announcement: SUSE-SU-2012:0603 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html
SuSE Security Announcement: SUSE-SU-2012:0734 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00009.html
SuSE Security Announcement: SUSE-SU-2012:0881 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00007.html
SuSE Security Announcement: SUSE-SU-2012:1013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00015.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-3571
http://secunia.com/advisories/50897
SuSE Security Announcement: openSUSE-SU-2012:1323 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-10/msg00041.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-5035
Bugtraq: 20111228 n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
CERT/CC vulnerability note: VU#903934
http://www.kb.cert.org/vuls/id/903934
HPdes Security Advisory: HPSBST02955
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://www.nruns.com/_downloads/advisory28122011.pdf
http://www.ocert.org/advisories/ocert-2011-003.html
https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16908
http://secunia.com/advisories/57126
Common Vulnerability Exposure (CVE) ID: CVE-2012-0497
BugTraq ID: 52009
http://www.securityfocus.com/bid/52009
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14772
Common Vulnerability Exposure (CVE) ID: CVE-2012-0501
BugTraq ID: 52013
http://www.securityfocus.com/bid/52013
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15069
Common Vulnerability Exposure (CVE) ID: CVE-2012-0502
BugTraq ID: 52011
http://www.securityfocus.com/bid/52011
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14900
Common Vulnerability Exposure (CVE) ID: CVE-2012-0503
BugTraq ID: 52018
http://www.securityfocus.com/bid/52018
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14813
Common Vulnerability Exposure (CVE) ID: CVE-2012-0505
BugTraq ID: 52017
http://www.securityfocus.com/bid/52017
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13976
Common Vulnerability Exposure (CVE) ID: CVE-2012-0506
BugTraq ID: 52014
http://www.securityfocus.com/bid/52014
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14082
Common Vulnerability Exposure (CVE) ID: CVE-2012-0507
BugTraq ID: 52161
http://www.securityfocus.com/bid/52161
http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx
http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/
http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.