Test ID:	1.3.6.1.4.1.25623.1.0.842172
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2574-1)
Summary:	The remote host is missing an update for the 'openjdk-7' package(s) announced via the USN-2574-1 advisory.
Description:	Summary: The remote host is missing an update for the 'openjdk-7' package(s) announced via the USN-2574-1 advisory. Vulnerability Insight: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-0460, CVE-2015-0469) Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect to handling jar files. An attacker could use this to expose sensitive data. (CVE-2015-0480) Florian Weimer discovered that the RSA implementation in the JCE component in OpenJDK JRE did not follow recommended practices for implementing RSA signatures. An attacker could use this to expose sensitive data. (CVE-2015-0478) A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this expose sensitive data over the network. (CVE-2015-0477) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2015-0488) Affected Software/OS: 'openjdk-7' package(s) on Ubuntu 14.04, Ubuntu 14.10. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0460 BugTraq ID: 74097 http://www.securityfocus.com/bid/74097 Debian Security Information: DSA-3234 (Google Search) http://www.debian.org/security/2015/dsa-3234 Debian Security Information: DSA-3235 (Google Search) http://www.debian.org/security/2015/dsa-3235 Debian Security Information: DSA-3316 (Google Search) http://www.debian.org/security/2015/dsa-3316 https://security.gentoo.org/glsa/201603-11 http://www.mandriva.com/security/advisories?name=MDVSA-2015:212 RedHat Security Advisories: RHSA-2015:0806 http://rhn.redhat.com/errata/RHSA-2015-0806.html RedHat Security Advisories: RHSA-2015:0807 http://rhn.redhat.com/errata/RHSA-2015-0807.html RedHat Security Advisories: RHSA-2015:0808 http://rhn.redhat.com/errata/RHSA-2015-0808.html RedHat Security Advisories: RHSA-2015:0809 http://rhn.redhat.com/errata/RHSA-2015-0809.html RedHat Security Advisories: RHSA-2015:0854 http://rhn.redhat.com/errata/RHSA-2015-0854.html RedHat Security Advisories: RHSA-2015:0857 http://rhn.redhat.com/errata/RHSA-2015-0857.html RedHat Security Advisories: RHSA-2015:0858 http://rhn.redhat.com/errata/RHSA-2015-0858.html http://www.securitytracker.com/id/1032120 SuSE Security Announcement: SUSE-SU-2015:0833 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html SuSE Security Announcement: openSUSE-SU-2015:0773 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html SuSE Security Announcement: openSUSE-SU-2015:0774 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html http://www.ubuntu.com/usn/USN-2573-1 http://www.ubuntu.com/usn/USN-2574-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-0469 BugTraq ID: 74072 http://www.securityfocus.com/bid/74072 RedHat Security Advisories: RHSA-2015:1006 http://rhn.redhat.com/errata/RHSA-2015-1006.html RedHat Security Advisories: RHSA-2015:1007 http://rhn.redhat.com/errata/RHSA-2015-1007.html RedHat Security Advisories: RHSA-2015:1020 http://rhn.redhat.com/errata/RHSA-2015-1020.html RedHat Security Advisories: RHSA-2015:1021 http://rhn.redhat.com/errata/RHSA-2015-1021.html RedHat Security Advisories: RHSA-2015:1091 http://rhn.redhat.com/errata/RHSA-2015-1091.html SuSE Security Announcement: SUSE-SU-2015:1085 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html SuSE Security Announcement: SUSE-SU-2015:1086 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html SuSE Security Announcement: SUSE-SU-2015:1138 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html SuSE Security Announcement: SUSE-SU-2015:1161 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html SuSE Security Announcement: SUSE-SU-2015:2166 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html SuSE Security Announcement: SUSE-SU-2015:2168 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html SuSE Security Announcement: SUSE-SU-2015:2182 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html SuSE Security Announcement: SUSE-SU-2015:2192 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html SuSE Security Announcement: SUSE-SU-2015:2216 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html SuSE Security Announcement: SUSE-SU-2016:0113 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2015-0477 BugTraq ID: 74119 http://www.securityfocus.com/bid/74119 Common Vulnerability Exposure (CVE) ID: CVE-2015-0478 BugTraq ID: 74147 http://www.securityfocus.com/bid/74147 http://www.securitytracker.com/id/1035517 Common Vulnerability Exposure (CVE) ID: CVE-2015-0480 BugTraq ID: 74104 http://www.securityfocus.com/bid/74104 Common Vulnerability Exposure (CVE) ID: CVE-2015-0488 BugTraq ID: 74111 http://www.securityfocus.com/bid/74111
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.