Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2008:0955

The remote host is missing updates announced in
advisory RHSA-2008:0955.

IBM's 1.4.2 SR12 Java release includes the IBM Java 2 Runtime Environment
and the IBM Java 2 Software Development Kit.

Multiple vulnerabilities with unsigned applets were reported. A remote
attacker could misuse an unsigned applet to connect to localhost services
running on the host running the applet. (CVE-2008-3104)

Two file processing vulnerabilities in Java Web Start were found. Using an
untrusted Java Web Start application, a remote attacker was able to create
or delete arbitrary files with the permissions of the user running the
untrusted application. (CVE-2008-3112, CVE-2008-3113)

A vulnerability in Java Web Start when processing untrusted applications
was reported. An attacker was able to acquire sensitive information, such
as the cache location. (CVE-2008-3114)

All users of java-1.4.2-ibm are advised to upgrade to these updated
packages, which contain IBM's 1.4.2 SR12 Java release which resolves these

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-3104
BugTraq ID: 30140
Bugtraq: 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and (Google Search)
Bugtraq: 20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues (Google Search)
Cert/CC Advisory: TA08-193A
RedHat Security Advisories: RHSA-2008:0955
SuSE Security Announcement: SUSE-SA:2008:042 (Google Search)
SuSE Security Announcement: SUSE-SA:2008:043 (Google Search)
SuSE Security Announcement: SUSE-SA:2008:045 (Google Search)
SuSE Security Announcement: SUSE-SR:2008:028 (Google Search)
SuSE Security Announcement: SUSE-SR:2009:010 (Google Search)
XForce ISS Database: sun-jre-unspecified-security-bypass(43662)
Common Vulnerability Exposure (CVE) ID: CVE-2008-3112
BugTraq ID: 30148
XForce ISS Database: sun-javawebstart-file-create(43666)
Common Vulnerability Exposure (CVE) ID: CVE-2008-3113
XForce ISS Database: sun-javawebstart-file-manipulation(43667)
Common Vulnerability Exposure (CVE) ID: CVE-2008-3114
XForce ISS Database: sun-javawebstart-cache-info-disclosure(43668)
CopyrightCopyright (c) 2008 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.