Test ID:	1.3.6.1.4.1.25623.1.0.60846
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2008:0243
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2008:0243. The BEA WebLogic JRockit 1.4.2_16 JRE and SDK contains BEA WebLogic JRockit Virtual Machine 1.4.2_16 and is certified for the Java 2 Platform, Standard Edition, v1.4.2. A flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1187) Please note: This vulnerability can only be triggered in java-1.4.2-bea by calling the appletviewer application. All java-1.4.2-bea users should upgrade to this updated package which addresses this vulnerability. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0243.html http://dev2dev.bea.com/pub/advisory/277 http://www.redhat.com/security/updates/classification/#moderate Risk factor : High CVSS Score: 6.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1187 http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html http://dev2dev.bea.com/pub/advisory/277 Cert/CC Advisory: TA08-066A http://www.us-cert.gov/cas/techalerts/TA08-066A.html http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml http://security.gentoo.org/glsa/glsa-200804-28.xml http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml http://jvn.jp/en/jp/JVN04032535/index.html http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278 http://www.redhat.com/support/errata/RHSA-2008-0186.html http://www.redhat.com/support/errata/RHSA-2008-0210.html http://www.redhat.com/support/errata/RHSA-2008-0243.html http://www.redhat.com/support/errata/RHSA-2008-0244.html http://www.redhat.com/support/errata/RHSA-2008-0245.html http://www.redhat.com/support/errata/RHSA-2008-0267.html http://www.redhat.com/support/errata/RHSA-2008-0555.html http://www.securitytracker.com/id?1019548 http://secunia.com/advisories/29239 http://secunia.com/advisories/29273 http://secunia.com/advisories/29498 http://secunia.com/advisories/29582 http://secunia.com/advisories/29841 http://secunia.com/advisories/29858 http://secunia.com/advisories/29897 http://secunia.com/advisories/29999 http://secunia.com/advisories/30003 http://secunia.com/advisories/30676 http://secunia.com/advisories/30780 http://secunia.com/advisories/31067 http://secunia.com/advisories/31497 http://secunia.com/advisories/31580 http://secunia.com/advisories/31586 http://secunia.com/advisories/32018 http://sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1 SuSE Security Announcement: SUSE-SA:2008:018 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html SuSE Security Announcement: SUSE-SA:2008:025 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html http://www.vupen.com/english/advisories/2008/0770/references http://www.vupen.com/english/advisories/2008/1252 http://www.vupen.com/english/advisories/2008/1856/references XForce ISS Database: java-virtualmachine-multiple-priv-escalation(41025) https://exchange.xforce.ibmcloud.com/vulnerabilities/41025
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.