English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.831749
Category:Mandrake Local Security Checks
Title:Mandriva Update for java-1.6.0-openjdk MDVSA-2012:169 (java-1.6.0-openjdk)
Summary:The remote host is missing an update for the 'java-1.6.0-openjdk'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'java-1.6.0-openjdk'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Multiple security issues were identified and fixed in OpenJDK
(icedtea6):

* S6631398, CVE-2012-3216: FilePermission improved path checking

* S7093490: adjust package access in rmiregistry

* S7143535, CVE-2012-5068: ScriptEngine corrected permissions

* S7167656, CVE-2012-5077: Multiple Seeders are being created

* S7169884, CVE-2012-5073: LogManager checks do not work correctly
for sub-types

* S7169888, CVE-2012-5075: Narrowing resource definitions in JMX
RMI connector

* S7172522, CVE-2012-5072: Improve DomainCombiner checking

* S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC

* S7189103, CVE-2012-5069: Executors needs to maintain state

* S7189490: More improvements to DomainCombiner checking

* S7189567, CVE-2012-5085: java net obsolete protocol

* S7192975, CVE-2012-5071: Conditional usage check is wrong

* S7195194, CVE-2012-5084: Better data validation for Swing

* S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should
be improved

* S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without
needing to create instance

* S7198296, CVE-2012-5089: Refactor classloader usage

* S7158800: Improve storage of symbol tables

* S7158801: Improve VM CompileOnly option

* S7158804: Improve config file parsing

* S7176337: Additional changes needed for 7158801 fix

* S7198606, CVE-2012-4416: Improve VM optimization

The updated packages provides icedtea6-1.11.5 which is not vulnerable
to these issues.

Affected Software/OS:
java-1.6.0-openjdk on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2

Solution:
Please Install the Updated Packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-3216
BugTraq ID: 56075
http://www.securityfocus.com/bid/56075
http://security.gentoo.org/glsa/glsa-201406-32.xml
HPdes Security Advisory: HPSBOV02833
http://marc.info/?l=bugtraq&m=135758563611658&w=2
HPdes Security Advisory: HPSBUX02832
http://marc.info/?l=bugtraq&m=135542848327757&w=2
HPdes Security Advisory: SSRT101042
HPdes Security Advisory: SSRT101043
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16538
RedHat Security Advisories: RHSA-2012:1385
http://rhn.redhat.com/errata/RHSA-2012-1385.html
RedHat Security Advisories: RHSA-2012:1386
http://rhn.redhat.com/errata/RHSA-2012-1386.html
RedHat Security Advisories: RHSA-2012:1391
http://rhn.redhat.com/errata/RHSA-2012-1391.html
RedHat Security Advisories: RHSA-2012:1392
http://rhn.redhat.com/errata/RHSA-2012-1392.html
RedHat Security Advisories: RHSA-2012:1465
http://rhn.redhat.com/errata/RHSA-2012-1465.html
RedHat Security Advisories: RHSA-2012:1466
http://rhn.redhat.com/errata/RHSA-2012-1466.html
RedHat Security Advisories: RHSA-2012:1467
http://rhn.redhat.com/errata/RHSA-2012-1467.html
RedHat Security Advisories: RHSA-2013:1455
http://rhn.redhat.com/errata/RHSA-2013-1455.html
RedHat Security Advisories: RHSA-2013:1456
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://secunia.com/advisories/51028
http://secunia.com/advisories/51029
http://secunia.com/advisories/51141
http://secunia.com/advisories/51166
http://secunia.com/advisories/51313
http://secunia.com/advisories/51315
http://secunia.com/advisories/51326
http://secunia.com/advisories/51327
http://secunia.com/advisories/51328
http://secunia.com/advisories/51390
http://secunia.com/advisories/51393
http://secunia.com/advisories/51438
SuSE Security Announcement: SUSE-SU-2012:1398 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
SuSE Security Announcement: SUSE-SU-2012:1489 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html
SuSE Security Announcement: SUSE-SU-2012:1490 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html
SuSE Security Announcement: SUSE-SU-2012:1595 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html
SuSE Security Announcement: openSUSE-SU-2012:1423 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-5068
BugTraq ID: 56076
http://www.securityfocus.com/bid/56076
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16533
XForce ISS Database: javaruntimeenvironment-lib-cve20125068(79425)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79425
Common Vulnerability Exposure (CVE) ID: CVE-2012-5077
BugTraq ID: 56058
http://www.securityfocus.com/bid/56058
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16585
XForce ISS Database: javaruntimeenvironment-sec-info-disc(79437)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79437
Common Vulnerability Exposure (CVE) ID: CVE-2012-5073
BugTraq ID: 56080
http://www.securityfocus.com/bid/56080
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16466
XForce ISS Database: javaruntimeenvironment-lib-cve20125073(79432)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79432
Common Vulnerability Exposure (CVE) ID: CVE-2012-5075
BugTraq ID: 56081
http://www.securityfocus.com/bid/56081
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16684
XForce ISS Database: javaruntimeenvironment-comjmx-info-disc(79431)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79431
Common Vulnerability Exposure (CVE) ID: CVE-2012-5072
BugTraq ID: 56083
http://www.securityfocus.com/bid/56083
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16522
XForce ISS Database: javaruntimeenvironment-security-info-disc(79434)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79434
Common Vulnerability Exposure (CVE) ID: CVE-2012-5081
BugTraq ID: 56071
http://www.securityfocus.com/bid/56071
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16043
Common Vulnerability Exposure (CVE) ID: CVE-2012-5069
BugTraq ID: 56065
http://www.securityfocus.com/bid/56065
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16685
XForce ISS Database: javaruntimeenvironment-cc-cve20125069(79428)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79428
Common Vulnerability Exposure (CVE) ID: CVE-2012-5085
BugTraq ID: 56067
http://www.securityfocus.com/bid/56067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16654
Common Vulnerability Exposure (CVE) ID: CVE-2012-5071
BugTraq ID: 56061
http://www.securityfocus.com/bid/56061
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16227
XForce ISS Database: javaruntimeenvironment-jmx-cve20125071(79427)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79427
Common Vulnerability Exposure (CVE) ID: CVE-2012-5084
BugTraq ID: 56063
http://www.securityfocus.com/bid/56063
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16553
XForce ISS Database: javaruntimeenvironment-swing-cve20125084(79423)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79423
Common Vulnerability Exposure (CVE) ID: CVE-2012-5086
BugTraq ID: 56039
http://www.securityfocus.com/bid/56039
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16387
XForce ISS Database: javaruntimeenvironment-beans-cve20125086(79414)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79414
Common Vulnerability Exposure (CVE) ID: CVE-2012-5979
Common Vulnerability Exposure (CVE) ID: CVE-2012-5089
BugTraq ID: 56059
http://www.securityfocus.com/bid/56059
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16506
XForce ISS Database: javaruntimeenvironment-jmx-cve20125089(79422)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79422
Common Vulnerability Exposure (CVE) ID: CVE-2012-4416
BugTraq ID: 55501
http://www.securityfocus.com/bid/55501
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16623
CopyrightCopyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.