
Test ID:
Category: Red Hat Local Security Checks
Title: RedHat Update for java-1.6.0-openjdk RHSA-2013:1505-01
Summary: The remote host is missing an update for the 'java-1.6.0-openjdk' package(s) announced via the referenced advisory.

Vulnerability Insight:
The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime
Environment and the OpenJDK 6 Java Software Development Kit.

Multiple input checking flaws were found in the 2D component native image
parsing code. A specially crafted image file could trigger a Java Virtual
Machine memory corruption and, possibly, lead to arbitrary code execution
with the privileges of the user running the Java Virtual Machine.

The class loader did not properly check the package access for non-public
proxy classes. A remote attacker could possibly use this flaw to execute
arbitrary code with the privileges of the user running the Java Virtual
Machine. (CVE-2013-5830)

Multiple improper permission check issues were discovered in the 2D, CORBA,
JNDI, and Libraries components in OpenJDK. An untrusted Java application or
applet could use these flaws to bypass Java sandbox restrictions.
(CVE-2013-5829, CVE-2013-5814, CVE-2013-5817, CVE-2013-5842, CVE-2013-5850)

Multiple input checking flaws were discovered in the JPEG image reading and
writing code in the 2D component. An untrusted Java application or applet
could use these flaws to corrupt the Java Virtual Machine memory and bypass
Java sandbox restrictions. (CVE-2013-5809)

The FEATURE_SECURE_PROCESSING setting was not properly honored by the
javax.xml.transform package transformers. A remote attacker could use this
flaw to supply a crafted XML that would be processed without the intended
security restrictions. (CVE-2013-5802)

Multiple errors were discovered in the way the JAXP and Security components
process XML inputs. A remote attacker could create a crafted XML that
would cause a Java application to use an excessive amount of CPU and memory
when processed. (CVE-2013-5825, CVE-2013-4002, CVE-2013-5823)

Multiple improper permission check issues were discovered in the Libraries,
Swing, JAX-WS, JGSS, AWT, Beans, and Scripting components in OpenJDK. An
untrusted Java application or applet could use these flaws to bypass
certain Java sandbox restrictions. (CVE-2013-3829, CVE-2013-5840,
CVE-2013-5774, CVE-2013-5783, CVE-2013-5820, CVE-2013-5849, CVE-2013-5790,

It was discovered that the 2D component image library did not properly
check bounds when performing image conversions. An untrusted Java
application or applet could use this flaw to disclose portions of the Java
Virtual Machine memory. (CVE-2013-5778)

Multiple input sanitization flaws were discovered in ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
java-1.6.0-openjdk on Red Hat Enterprise Linux (v. 5 server),
Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Please Install the Updated Packages.

CVSS Score:

CVSS Vector:

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2013-3829
BugTraq ID: 63120
HPdes Security Advisory: HPSBUX02943
HPdes Security Advisory: HPSBUX02944
RedHat Security Advisories: RHSA-2013:1440
RedHat Security Advisories: RHSA-2013:1447
RedHat Security Advisories: RHSA-2013:1451
RedHat Security Advisories: RHSA-2013:1505
RedHat Security Advisories: RHSA-2013:1507
RedHat Security Advisories: RHSA-2013:1508
RedHat Security Advisories: RHSA-2013:1509
RedHat Security Advisories: RHSA-2013:1793
RedHat Security Advisories: RHSA-2014:0414
SuSE Security Announcement: SUSE-SU-2013:1666
SuSE Security Announcement: SUSE-SU-2013:1677
SuSE Security Announcement: openSUSE-SU-2013:1663
Common Vulnerability Exposure (CVE) ID: CVE-2013-4002
BugTraq ID: 61310
RedHat Security Advisories: RHSA-2013:1059
RedHat Security Advisories: RHSA-2013:1060
RedHat Security Advisories: RHSA-2013:1081
RedHat Security Advisories: RHSA-2014:1818
RedHat Security Advisories: RHSA-2014:1821
RedHat Security Advisories: RHSA-2014:1822
RedHat Security Advisories: RHSA-2014:1823
RedHat Security Advisories: RHSA-2015:0675
RedHat Security Advisories: RHSA-2015:0720
RedHat Security Advisories: RHSA-2015:0765
RedHat Security Advisories: RHSA-2015:0773
SuSE Security Announcement: SUSE-SU-2013:1255
SuSE Security Announcement: SUSE-SU-2013:1256
SuSE Security Announcement: SUSE-SU-2013:1257
SuSE Security Announcement: SUSE-SU-2013:1263
SuSE Security Announcement: SUSE-SU-2013:1293
SuSE Security Announcement: SUSE-SU-2013:1305
XForce ISS Database: ibm-java-cve20134002-dos(85260)
Common Vulnerability Exposure (CVE) ID: CVE-2013-5772
BugTraq ID: 63089
Common Vulnerability Exposure (CVE) ID: CVE-2013-5774
BugTraq ID: 63128
Common Vulnerability Exposure (CVE) ID: CVE-2013-5778
BugTraq ID: 63134
Common Vulnerability Exposure (CVE) ID: CVE-2013-5780
BugTraq ID: 63115
Common Vulnerability Exposure (CVE) ID: CVE-2013-5782
BugTraq ID: 63103
Common Vulnerability Exposure (CVE) ID: CVE-2013-5783
BugTraq ID: 63154
Common Vulnerability Exposure (CVE) ID: CVE-2013-5784
BugTraq ID: 63098
Common Vulnerability Exposure (CVE) ID: CVE-2013-5790
BugTraq ID: 63102
Common Vulnerability Exposure (CVE) ID: CVE-2013-5797
BugTraq ID: 63095
Common Vulnerability Exposure (CVE) ID: CVE-2013-5802
BugTraq ID: 63135
Common Vulnerability Exposure (CVE) ID: CVE-2013-5803
BugTraq ID: 63082
Common Vulnerability Exposure (CVE) ID: CVE-2013-5804
BugTraq ID: 63149
Common Vulnerability Exposure (CVE) ID: CVE-2013-5809
BugTraq ID: 63118
Common Vulnerability Exposure (CVE) ID: CVE-2013-5814
BugTraq ID: 63143
Common Vulnerability Exposure (CVE) ID: CVE-2013-5817
BugTraq ID: 63146
Common Vulnerability Exposure (CVE) ID: CVE-2013-5820
BugTraq ID: 63133
Common Vulnerability Exposure (CVE) ID: CVE-2013-5823
Common Vulnerability Exposure (CVE) ID: CVE-2013-5825
BugTraq ID: 63101
Common Vulnerability Exposure (CVE) ID: CVE-2013-5829
BugTraq ID: 63137
Common Vulnerability Exposure (CVE) ID: CVE-2013-5830
BugTraq ID: 63121
Common Vulnerability Exposure (CVE) ID: CVE-2013-5840
BugTraq ID: 63148
Common Vulnerability Exposure (CVE) ID: CVE-2013-5842
BugTraq ID: 63150
Common Vulnerability Exposure (CVE) ID: CVE-2013-5849
BugTraq ID: 63106
XForce ISS Database: oracle-cpuoct2013-cve20135849(88003)
Common Vulnerability Exposure (CVE) ID: CVE-2013-5850
BugTraq ID: 63153
Copyright: Copyright (c) 2013 Greenbone Networks GmbH
