Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.870851
Category:Red Hat Local Security Checks
Title:RedHat Update for java-1.6.0-openjdk RHSA-2012:1384-01
Summary:The remote host is missing an update for the 'java-1.6.0-openjdk'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'java-1.6.0-openjdk'
package(s) announced via the referenced advisory.

Vulnerability Insight:
These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

Multiple improper permission check issues were discovered in the Beans,
Swing, and JMX components in OpenJDK. An untrusted Java application or
applet could use these flaws to bypass Java sandbox restrictions.
(CVE-2012-5086, CVE-2012-5084, CVE-2012-5089)

Multiple improper permission check issues were discovered in the Scripting,
JMX, Concurrency, Libraries, and Security components in OpenJDK. An
untrusted Java application or applet could use these flaws to bypass
certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071,
CVE-2012-5069, CVE-2012-5073, CVE-2012-5072)

It was discovered that java.util.ServiceLoader could create an instance of
an incompatible class while performing provider lookup. An untrusted Java
application or applet could use this flaw to bypass certain Java sandbox
restrictions. (CVE-2012-5079)

It was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS
implementation did not properly handle handshake records containing an
overly large data length value. An unauthenticated, remote attacker could
possibly use this flaw to cause an SSL/TLS server to terminate with an
exception. (CVE-2012-5081)

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
java-1.6.0-openjdk on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-3216
BugTraq ID: 56075
http://www.securityfocus.com/bid/56075
http://security.gentoo.org/glsa/glsa-201406-32.xml
HPdes Security Advisory: HPSBOV02833
http://marc.info/?l=bugtraq&m=135758563611658&w=2
HPdes Security Advisory: HPSBUX02832
http://marc.info/?l=bugtraq&m=135542848327757&w=2
HPdes Security Advisory: SSRT101042
HPdes Security Advisory: SSRT101043
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16538
RedHat Security Advisories: RHSA-2012:1385
http://rhn.redhat.com/errata/RHSA-2012-1385.html
RedHat Security Advisories: RHSA-2012:1386
http://rhn.redhat.com/errata/RHSA-2012-1386.html
RedHat Security Advisories: RHSA-2012:1391
http://rhn.redhat.com/errata/RHSA-2012-1391.html
RedHat Security Advisories: RHSA-2012:1392
http://rhn.redhat.com/errata/RHSA-2012-1392.html
RedHat Security Advisories: RHSA-2012:1465
http://rhn.redhat.com/errata/RHSA-2012-1465.html
RedHat Security Advisories: RHSA-2012:1466
http://rhn.redhat.com/errata/RHSA-2012-1466.html
RedHat Security Advisories: RHSA-2012:1467
http://rhn.redhat.com/errata/RHSA-2012-1467.html
RedHat Security Advisories: RHSA-2013:1455
http://rhn.redhat.com/errata/RHSA-2013-1455.html
RedHat Security Advisories: RHSA-2013:1456
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://secunia.com/advisories/51028
http://secunia.com/advisories/51029
http://secunia.com/advisories/51141
http://secunia.com/advisories/51166
http://secunia.com/advisories/51313
http://secunia.com/advisories/51315
http://secunia.com/advisories/51326
http://secunia.com/advisories/51327
http://secunia.com/advisories/51328
http://secunia.com/advisories/51390
http://secunia.com/advisories/51393
http://secunia.com/advisories/51438
SuSE Security Announcement: SUSE-SU-2012:1398 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
SuSE Security Announcement: SUSE-SU-2012:1489 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html
SuSE Security Announcement: SUSE-SU-2012:1490 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html
SuSE Security Announcement: SUSE-SU-2012:1595 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html
SuSE Security Announcement: openSUSE-SU-2012:1423 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-4416
BugTraq ID: 55501
http://www.securityfocus.com/bid/55501
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16623
Common Vulnerability Exposure (CVE) ID: CVE-2012-5068
BugTraq ID: 56076
http://www.securityfocus.com/bid/56076
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16533
XForce ISS Database: javaruntimeenvironment-lib-cve20125068(79425)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79425
Common Vulnerability Exposure (CVE) ID: CVE-2012-5069
BugTraq ID: 56065
http://www.securityfocus.com/bid/56065
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16685
XForce ISS Database: javaruntimeenvironment-cc-cve20125069(79428)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79428
Common Vulnerability Exposure (CVE) ID: CVE-2012-5071
BugTraq ID: 56061
http://www.securityfocus.com/bid/56061
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16227
XForce ISS Database: javaruntimeenvironment-jmx-cve20125071(79427)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79427
Common Vulnerability Exposure (CVE) ID: CVE-2012-5072
BugTraq ID: 56083
http://www.securityfocus.com/bid/56083
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16522
XForce ISS Database: javaruntimeenvironment-security-info-disc(79434)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79434
Common Vulnerability Exposure (CVE) ID: CVE-2012-5073
BugTraq ID: 56080
http://www.securityfocus.com/bid/56080
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16466
XForce ISS Database: javaruntimeenvironment-lib-cve20125073(79432)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79432
Common Vulnerability Exposure (CVE) ID: CVE-2012-5075
BugTraq ID: 56081
http://www.securityfocus.com/bid/56081
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16684
XForce ISS Database: javaruntimeenvironment-comjmx-info-disc(79431)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79431
Common Vulnerability Exposure (CVE) ID: CVE-2012-5077
BugTraq ID: 56058
http://www.securityfocus.com/bid/56058
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16585
XForce ISS Database: javaruntimeenvironment-sec-info-disc(79437)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79437
Common Vulnerability Exposure (CVE) ID: CVE-2012-5079
BugTraq ID: 56082
http://www.securityfocus.com/bid/56082
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16602
XForce ISS Database: javaruntimeenvironment-lib-cve20125079(79433)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79433
Common Vulnerability Exposure (CVE) ID: CVE-2012-5081
BugTraq ID: 56071
http://www.securityfocus.com/bid/56071
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16043
Common Vulnerability Exposure (CVE) ID: CVE-2012-5084
BugTraq ID: 56063
http://www.securityfocus.com/bid/56063
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16553
XForce ISS Database: javaruntimeenvironment-swing-cve20125084(79423)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79423
Common Vulnerability Exposure (CVE) ID: CVE-2012-5085
BugTraq ID: 56067
http://www.securityfocus.com/bid/56067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16654
Common Vulnerability Exposure (CVE) ID: CVE-2012-5086
BugTraq ID: 56039
http://www.securityfocus.com/bid/56039
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16387
XForce ISS Database: javaruntimeenvironment-beans-cve20125086(79414)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79414
Common Vulnerability Exposure (CVE) ID: CVE-2012-5089
BugTraq ID: 56059
http://www.securityfocus.com/bid/56059
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16506
XForce ISS Database: javaruntimeenvironment-jmx-cve20125089(79422)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79422
CopyrightCopyright (c) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.