Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.61256
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2008:0555
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2008:0555.

IBM's 1.4.2 SR11 Java release includes the IBM Java 2 Runtime Environment
and the IBM Java 2 Software Development Kit.

A flaw was found in the Java XSLT processing classes. An untrusted
application or applet could cause a denial of service, or execute arbitrary
code with the permissions of the user running the JRE. (CVE-2008-1187)

A buffer overflow flaw was found in Java Web Start (JWS). An untrusted
application using the Java Network Launch Protocol (JNLP) could access
local files or execute local applications accessible to the user running
the JRE. (CVE-2008-1196)

All users of java-1.4.2-ibm are advised to upgrade to these updated
packages, which contain IBM's 1.4.2 SR11 Java release which resolves these
issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0555.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : High

CVSS Score:
6.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-1187
http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html
http://dev2dev.bea.com/pub/advisory/277
Cert/CC Advisory: TA08-066A
http://www.us-cert.gov/cas/techalerts/TA08-066A.html
http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
http://security.gentoo.org/glsa/glsa-200804-28.xml
http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
http://jvn.jp/en/jp/JVN04032535/index.html
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000016.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10278
http://www.redhat.com/support/errata/RHSA-2008-0186.html
http://www.redhat.com/support/errata/RHSA-2008-0210.html
http://www.redhat.com/support/errata/RHSA-2008-0243.html
http://www.redhat.com/support/errata/RHSA-2008-0244.html
http://www.redhat.com/support/errata/RHSA-2008-0245.html
http://www.redhat.com/support/errata/RHSA-2008-0267.html
http://www.redhat.com/support/errata/RHSA-2008-0555.html
http://www.securitytracker.com/id?1019548
http://secunia.com/advisories/29239
http://secunia.com/advisories/29273
http://secunia.com/advisories/29498
http://secunia.com/advisories/29582
http://secunia.com/advisories/29841
http://secunia.com/advisories/29858
http://secunia.com/advisories/29897
http://secunia.com/advisories/29999
http://secunia.com/advisories/30003
http://secunia.com/advisories/30676
http://secunia.com/advisories/30780
http://secunia.com/advisories/31067
http://secunia.com/advisories/31497
http://secunia.com/advisories/31580
http://secunia.com/advisories/31586
http://secunia.com/advisories/32018
http://sunsolve.sun.com/search/document.do?assetkey=1-26-233322-1
SuSE Security Announcement: SUSE-SA:2008:018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html
SuSE Security Announcement: SUSE-SA:2008:025 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html
http://www.vupen.com/english/advisories/2008/0770/references
http://www.vupen.com/english/advisories/2008/1252
http://www.vupen.com/english/advisories/2008/1856/references
XForce ISS Database: java-virtualmachine-multiple-priv-escalation(41025)
https://exchange.xforce.ibmcloud.com/vulnerabilities/41025
Common Vulnerability Exposure (CVE) ID: CVE-2008-1196
CERT/CC vulnerability note: VU#223028
http://www.kb.cert.org/vuls/id/223028
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10412
http://www.securitytracker.com/id?1019552
http://sunsolve.sun.com/search/document.do?assetkey=1-26-233327-1
XForce ISS Database: sun-java-webstart-javaws-bo(41026)
https://exchange.xforce.ibmcloud.com/vulnerabilities/41026
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.