English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.841796
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-2191-1)
Summary:The remote host is missing an update for the 'openjdk-6' package(s) announced via the USN-2191-1 advisory.
Description:Summary:
The remote host is missing an update for the 'openjdk-6' package(s) announced via the USN-2191-1 advisory.

Vulnerability Insight:
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. (CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452,
CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0461, CVE-2014-0462,
CVE-2014-2397, CVE-2014-2405, CVE-2014-2412, CVE-2014-2414, CVE-2014-2421,
CVE-2014-2423, CVE-2014-2427)

Two vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure and data integrity. An attacker could exploit these
to expose sensitive data over the network. (CVE-2014-0453, CVE-2014-0460)

A vulnerability was discovered in the OpenJDK JRE related to availability.
An attacker could exploit this to cause a denial of service.
(CVE-2014-0459)

Jakub Wilk discovered that the OpenJDK JRE incorrectly handled temporary
files. A local attacker could possibly use this issue to overwrite
arbitrary files. In the default installation of Ubuntu, this should be
prevented by the Yama link restrictions. (CVE-2014-1876)

A vulnerability was discovered in the OpenJDK JRE related to data
integrity. (CVE-2014-2398)

A vulnerability was discovered in the OpenJDK JRE related to information
disclosure. An attacker could exploit this to expose sensitive data over
the network. (CVE-2014-2403)

Affected Software/OS:
'openjdk-6' package(s) on Ubuntu 10.04, Ubuntu 12.04.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-0429
BugTraq ID: 66856
http://www.securityfocus.com/bid/66856
Debian Security Information: DSA-2912 (Google Search)
http://www.debian.org/security/2014/dsa-2912
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://security.gentoo.org/glsa/glsa-201502-12.xml
HPdes Security Advisory: HPSBUX03092
http://marc.info/?l=bugtraq&m=140852974709252&w=2
HPdes Security Advisory: SSRT101668
RedHat Security Advisories: RHSA-2014:0413
https://access.redhat.com/errata/RHSA-2014:0413
RedHat Security Advisories: RHSA-2014:0414
https://access.redhat.com/errata/RHSA-2014:0414
RedHat Security Advisories: RHSA-2014:0675
http://rhn.redhat.com/errata/RHSA-2014-0675.html
RedHat Security Advisories: RHSA-2014:0685
http://rhn.redhat.com/errata/RHSA-2014-0685.html
http://secunia.com/advisories/58415
http://secunia.com/advisories/58974
http://secunia.com/advisories/59058
http://www.ubuntu.com/usn/USN-2187-1
http://www.ubuntu.com/usn/USN-2191-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-0446
BugTraq ID: 66903
http://www.securityfocus.com/bid/66903
HPdes Security Advisory: HPSBUX03091
http://marc.info/?l=bugtraq&m=140852886808946&w=2
HPdes Security Advisory: SSRT101667
Common Vulnerability Exposure (CVE) ID: CVE-2014-0451
BugTraq ID: 66879
http://www.securityfocus.com/bid/66879
Common Vulnerability Exposure (CVE) ID: CVE-2014-0452
BugTraq ID: 66891
http://www.securityfocus.com/bid/66891
Common Vulnerability Exposure (CVE) ID: CVE-2014-0453
BugTraq ID: 66914
http://www.securityfocus.com/bid/66914
http://secunia.com/advisories/59022
http://secunia.com/advisories/59023
http://secunia.com/advisories/59071
http://secunia.com/advisories/59082
http://secunia.com/advisories/59104
http://secunia.com/advisories/59194
http://secunia.com/advisories/59250
http://secunia.com/advisories/59255
http://secunia.com/advisories/59307
http://secunia.com/advisories/59324
http://secunia.com/advisories/59436
http://secunia.com/advisories/59438
http://secunia.com/advisories/59653
http://secunia.com/advisories/59675
http://secunia.com/advisories/59722
http://secunia.com/advisories/59733
http://secunia.com/advisories/60003
http://secunia.com/advisories/60111
http://secunia.com/advisories/60117
http://secunia.com/advisories/60498
http://secunia.com/advisories/60574
http://secunia.com/advisories/60580
http://secunia.com/advisories/61050
http://secunia.com/advisories/61264
Common Vulnerability Exposure (CVE) ID: CVE-2014-0456
BugTraq ID: 66877
http://www.securityfocus.com/bid/66877
Common Vulnerability Exposure (CVE) ID: CVE-2014-0457
BugTraq ID: 66866
http://www.securityfocus.com/bid/66866
Common Vulnerability Exposure (CVE) ID: CVE-2014-0458
BugTraq ID: 66883
http://www.securityfocus.com/bid/66883
Common Vulnerability Exposure (CVE) ID: CVE-2014-0459
BugTraq ID: 66910
http://www.securityfocus.com/bid/66910
Common Vulnerability Exposure (CVE) ID: CVE-2014-0460
BugTraq ID: 66916
http://www.securityfocus.com/bid/66916
http://secunia.com/advisories/59516
http://secunia.com/advisories/59642
http://secunia.com/advisories/59704
http://secunia.com/advisories/59705
http://secunia.com/advisories/59706
Common Vulnerability Exposure (CVE) ID: CVE-2014-0461
BugTraq ID: 66902
http://www.securityfocus.com/bid/66902
Common Vulnerability Exposure (CVE) ID: CVE-2014-0462
Common Vulnerability Exposure (CVE) ID: CVE-2014-1876
BugTraq ID: 65568
http://www.securityfocus.com/bid/65568
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737562
https://bugzilla.redhat.com/show_bug.cgi?id=1060907
http://seclists.org/oss-sec/2014/q1/242
http://seclists.org/oss-sec/2014/q1/285
http://osvdb.org/102808
Common Vulnerability Exposure (CVE) ID: CVE-2014-2397
BugTraq ID: 66893
http://www.securityfocus.com/bid/66893
Common Vulnerability Exposure (CVE) ID: CVE-2014-2398
BugTraq ID: 66920
http://www.securityfocus.com/bid/66920
Common Vulnerability Exposure (CVE) ID: CVE-2014-2403
BugTraq ID: 66918
http://www.securityfocus.com/bid/66918
Common Vulnerability Exposure (CVE) ID: CVE-2014-2405
Common Vulnerability Exposure (CVE) ID: CVE-2014-2412
BugTraq ID: 66873
http://www.securityfocus.com/bid/66873
Common Vulnerability Exposure (CVE) ID: CVE-2014-2414
BugTraq ID: 66894
http://www.securityfocus.com/bid/66894
Common Vulnerability Exposure (CVE) ID: CVE-2014-2421
BugTraq ID: 66881
http://www.securityfocus.com/bid/66881
Common Vulnerability Exposure (CVE) ID: CVE-2014-2423
BugTraq ID: 66887
http://www.securityfocus.com/bid/66887
Common Vulnerability Exposure (CVE) ID: CVE-2014-2427
BugTraq ID: 66909
http://www.securityfocus.com/bid/66909
CopyrightCopyright (C) 2014 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.