Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.63869
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2009:0445
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2009:0445.

The IBM® 1.4.2 SR13 Java release includes the IBM Java 2 Runtime
Environment and the IBM Java 2 Software Development Kit.

This update fixes several vulnerabilities in the IBM Java 2 Runtime
Environment and the IBM Java 2 Software Development Kit. These
vulnerabilities are summarized on the IBM Security alerts page listed in
the References section. (CVE-2008-2086, CVE-2008-5339, CVE-2008-5340,
CVE-2008-5342, CVE-2008-5343, CVE-2008-5344, CVE-2008-5345, CVE-2008-5346,
CVE-2008-5348, CVE-2008-5350, CVE-2008-5351, CVE-2008-5353, CVE-2008-5354,
CVE-2008-5359, CVE-2008-5360)

All users of java-1.4.2-ibm are advised to upgrade to these updated
packages, which contain the IBM 1.4.2 SR13 Java release. All running
instances of IBM Java must be restarted for the update to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2009-0445.html
http://www.redhat.com/security/updates/classification/#critical
http://www.ibm.com/developerworks/java/jdk/alerts/

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-2086
http://lists.apple.com/archives/security-announce/2009/Feb/msg00003.html
BugTraq ID: 32620
http://www.securityfocus.com/bid/32620
Bugtraq: 20081204 CVE-2008-2086: Java Web Start File Inclusion via System PropertiesOverride (Google Search)
http://www.securityfocus.com/archive/1/498907/100/0/threaded
Cert/CC Advisory: TA08-340A
http://www.us-cert.gov/cas/techalerts/TA08-340A.html
http://security.gentoo.org/glsa/glsa-200911-02.xml
HPdes Security Advisory: HPSBMA02486
http://marc.info/?l=bugtraq&m=126583436323697&w=2
HPdes Security Advisory: HPSBUX02411
http://marc.info/?l=bugtraq&m=123678756409861&w=2
HPdes Security Advisory: SSRT080111
HPdes Security Advisory: SSRT090049
http://www.vsecurity.com/bulletins/advisories/2008/JWS-props.txt
http://osvdb.org/50510
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5601
RedHat Security Advisories: RHSA-2008:1018
RedHat Security Advisories: RHSA-2008:1025
http://rhn.redhat.com/errata/RHSA-2008-1025.html
http://www.redhat.com/support/errata/RHSA-2009-0015.html
http://www.redhat.com/support/errata/RHSA-2009-0016.html
http://www.redhat.com/support/errata/RHSA-2009-0445.html
http://www.securitytracker.com/id?1021318
http://secunia.com/advisories/32991
http://secunia.com/advisories/33015
http://secunia.com/advisories/33528
http://secunia.com/advisories/33710
http://secunia.com/advisories/34233
http://secunia.com/advisories/34605
http://secunia.com/advisories/34889
http://secunia.com/advisories/35065
http://secunia.com/advisories/37386
http://secunia.com/advisories/38539
http://securityreason.com/securityalert/4693
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244988-1
SuSE Security Announcement: SUSE-SA:2009:007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html
SuSE Security Announcement: SUSE-SA:2009:018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00004.html
SuSE Security Announcement: SUSE-SR:2009:010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
http://www.vupen.com/english/advisories/2009/0424
http://www.vupen.com/english/advisories/2009/0672
Common Vulnerability Exposure (CVE) ID: CVE-2008-5339
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6409
http://rhn.redhat.com/errata/RHSA-2008-1018.html
http://www.vupen.com/english/advisories/2008/3339
Common Vulnerability Exposure (CVE) ID: CVE-2008-5340
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6627
http://www.redhat.com/support/errata/RHSA-2009-0369.html
http://secunia.com/advisories/34447
Common Vulnerability Exposure (CVE) ID: CVE-2008-5342
http://osvdb.org/50514
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6359
Common Vulnerability Exposure (CVE) ID: CVE-2008-5343
BugTraq ID: 32892
http://www.securityfocus.com/bid/32892
http://xs-sniper.com/blog/2008/12/17/sun-fixes-gifars/
http://osvdb.org/50512
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5924
Common Vulnerability Exposure (CVE) ID: CVE-2008-5344
http://osvdb.org/50513
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6249
XForce ISS Database: jre-appletclass-security-bypass(47057)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47057
Common Vulnerability Exposure (CVE) ID: CVE-2008-5345
http://osvdb.org/50508
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6059
RedHat Security Advisories: RHSA-2009:0466
https://rhn.redhat.com/errata/RHSA-2009-0466.html
http://www.securitytracker.com/id?1021305
http://secunia.com/advisories/34972
http://sunsolve.sun.com/search/document.do?assetkey=1-26-246387-1
Common Vulnerability Exposure (CVE) ID: CVE-2008-5346
http://osvdb.org/50507
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6629
http://www.securitytracker.com/id?1021306
http://sunsolve.sun.com/search/document.do?assetkey=1-26-246386-1
Common Vulnerability Exposure (CVE) ID: CVE-2008-5348
BugTraq ID: 32608
http://www.securityfocus.com/bid/32608
http://osvdb.org/50505
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6549
http://secunia.com/advisories/33709
http://secunia.com/advisories/34259
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019797.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-246346-1
SuSE Security Announcement: SUSE-SR:2009:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html
Common Vulnerability Exposure (CVE) ID: CVE-2008-5350
http://osvdb.org/50503
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6424
http://www.securitytracker.com/id?1021310
http://sunsolve.sun.com/search/document.do?assetkey=1-26-246266-1
Common Vulnerability Exposure (CVE) ID: CVE-2008-5351
http://osvdb.org/50502
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6212
http://www.securitytracker.com/id?1021311
http://sunsolve.sun.com/search/document.do?assetkey=1-26-245246-1
Common Vulnerability Exposure (CVE) ID: CVE-2008-5353
Bugtraq: 20090524 Hardening OSX against CVE-2008-5353 (Google Search)
http://www.securityfocus.com/archive/1/503797/100/0/threaded
http://blog.cr0.org/2009/05/write-once-own-everyone.html
http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html
http://osvdb.org/50500
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6511
http://www.securitytracker.com/id?1021313
http://secunia.com/advisories/35118
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244991-1
http://www.vupen.com/english/advisories/2009/1391
Common Vulnerability Exposure (CVE) ID: CVE-2008-5354
http://www.ximido.de/research/advisories/SM_Java-BO_200811.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6537
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244990-1
XForce ISS Database: jre-commandline-privilege-escalation(47060)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47060
Common Vulnerability Exposure (CVE) ID: CVE-2008-5359
http://www.zerodayinitiative.com/advisories/ZDI-08-080/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5841
http://secunia.com/advisories/33187
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244987-1
XForce ISS Database: jre-image-processing-privilege-escalation(47048)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47048
Common Vulnerability Exposure (CVE) ID: CVE-2008-5360
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6596
http://www.securitytracker.com/id?1021316
http://sunsolve.sun.com/search/document.do?assetkey=1-26-244986-1
XForce ISS Database: jre-guessable-file-unauth-access(47045)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47045
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.