Test ID:	1.3.6.1.4.1.25623.1.0.68937
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1052-1 (openjdk-6b18)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to openjdk-6b18 announced via advisory USN-1052-1. Details follow: It was discovered that the JNLP SecurityManager in IcedTea for Java OpenJDK in some instances failed to properly apply the intended scurity policy in its checkPermission method. This could allow an attacker execute code with privileges that should have been prevented. (CVE-2010-4351) Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.10: icedtea6-plugin 6b20-1.9.4-0ubuntu1~ 9.10.1 Ubuntu 10.04 LTS: icedtea6-plugin 6b20-1.9.4-0ubuntu1~ 10.04.1 Ubuntu 10.10: icedtea6-plugin 6b20-1.9.4-0ubuntu1 After a standard system update you need to restart any Java services, applications or applets to make all the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-1052-1 Risk factor : High CVSS Score: 6.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4351 43002 http://secunia.com/advisories/43002 43078 http://secunia.com/advisories/43078 43085 http://secunia.com/advisories/43085 43135 http://secunia.com/advisories/43135 45894 http://www.securityfocus.com/bid/45894 70605 http://osvdb.org/70605 ADV-2011-0165 http://www.vupen.com/english/advisories/2011/0165 ADV-2011-0166 http://www.vupen.com/english/advisories/2011/0166 ADV-2011-0215 http://www.vupen.com/english/advisories/2011/0215 ADV-2011-0239 http://www.vupen.com/english/advisories/2011/0239 DSA-2224 http://www.debian.org/security/2011/dsa-2224 FEDORA-2011-0500 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053288.html FEDORA-2011-0521 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053276.html GLSA-201406-32 http://security.gentoo.org/glsa/glsa-201406-32.xml MDVSA-2011:054 http://www.mandriva.com/security/advisories?name=MDVSA-2011:054 RHSA-2011:0176 http://www.redhat.com/support/errata/RHSA-2011-0176.html USN-1052-1 http://www.ubuntu.com/usn/USN-1052-1 USN-1055-1 http://www.ubuntu.com/usn/USN-1055-1 http://blog.fuseyism.com/index.php/2011/01/18/security-icedtea6-177-184-194-released/ http://www.zerodayinitiative.com/advisories/ZDI-11-014/ https://bugzilla.redhat.com/show_bug.cgi?id=663680 icedtea-jnlp-code-execution(64893) https://exchange.xforce.ibmcloud.com/vulnerabilities/64893
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.