Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Update for java-1.6.0-openjdk RHSA-2015:2086-01
Summary:The remote host is missing an update for the 'java-1.6.0-openjdk'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'java-1.6.0-openjdk'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The java-1.6.0-openjdk packages provide the
OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit.

Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization,
and 2D components in OpenJDK. An untrusted Java application or applet could
use these flaws to completely bypass Java sandbox restrictions.
(CVE-2015-4835, CVE-2015-4881, CVE-2015-4843, CVE-2015-4883, CVE-2015-4860,
CVE-2015-4805, CVE-2015-4844)

Multiple denial of service flaws were found in the JAXP component in
OpenJDK. A specially crafted XML file could cause a Java application using
JAXP to consume an excessive amount of CPU and memory when parsed.
(CVE-2015-4803, CVE-2015-4893, CVE-2015-4911)

It was discovered that the Security component in OpenJDK failed to properly
check if a certificate satisfied all defined constraints. In certain cases,
this could cause a Java application to accept an X.509 certificate which
does not meet requirements of the defined policy. (CVE-2015-4872)

Multiple flaws were found in the Libraries, CORBA, JAXP, JGSS, and RMI
components in OpenJDK. An untrusted Java application or applet could use
these flaws to bypass certain Java sandbox restrictions. (CVE-2015-4806,
CVE-2015-4882, CVE-2015-4842, CVE-2015-4734, CVE-2015-4903)

Red Hat would like to thank Andrea Palazzo of Truel IT for reporting the
CVE-2015-4806 issue.

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.

Affected Software/OS:
java-1.6.0-openjdk on Red Hat Enterprise Linux (v. 5 server),
Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Server (v. 7),
Red Hat Enterprise Linux Workstation (v. 6)

Please Install the Updated Packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-4734
BugTraq ID: 77192
Debian Security Information: DSA-3381 (Google Search)
RedHat Security Advisories: RHSA-2015:1919
RedHat Security Advisories: RHSA-2015:1920
RedHat Security Advisories: RHSA-2015:1921
RedHat Security Advisories: RHSA-2015:1926
RedHat Security Advisories: RHSA-2015:1927
RedHat Security Advisories: RHSA-2015:1928
RedHat Security Advisories: RHSA-2015:2506
RedHat Security Advisories: RHSA-2015:2507
RedHat Security Advisories: RHSA-2015:2508
RedHat Security Advisories: RHSA-2015:2509
RedHat Security Advisories: RHSA-2016:1430
SuSE Security Announcement: SUSE-SU-2015:1874 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1875 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2166 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2168 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2182 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2192 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2216 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2268 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0113 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1902 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1905 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1906 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1971 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0270 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-4803
BugTraq ID: 77200
Common Vulnerability Exposure (CVE) ID: CVE-2015-4805
BugTraq ID: 77163
RedHat Security Advisories: RHSA-2015:2518
Common Vulnerability Exposure (CVE) ID: CVE-2015-4806
BugTraq ID: 77126
Common Vulnerability Exposure (CVE) ID: CVE-2015-4835
BugTraq ID: 77148
Common Vulnerability Exposure (CVE) ID: CVE-2015-4842
BugTraq ID: 77154
Common Vulnerability Exposure (CVE) ID: CVE-2015-4843
BugTraq ID: 77160
Common Vulnerability Exposure (CVE) ID: CVE-2015-4844
BugTraq ID: 77164
Common Vulnerability Exposure (CVE) ID: CVE-2015-4860
BugTraq ID: 77162
Common Vulnerability Exposure (CVE) ID: CVE-2015-4872
BugTraq ID: 77211
Common Vulnerability Exposure (CVE) ID: CVE-2015-4881
BugTraq ID: 77159
Common Vulnerability Exposure (CVE) ID: CVE-2015-4882
BugTraq ID: 77181
Common Vulnerability Exposure (CVE) ID: CVE-2015-4883
BugTraq ID: 77161
Common Vulnerability Exposure (CVE) ID: CVE-2015-4893
BugTraq ID: 77207
Common Vulnerability Exposure (CVE) ID: CVE-2015-4903
BugTraq ID: 77194
Common Vulnerability Exposure (CVE) ID: CVE-2015-4911
BugTraq ID: 77209
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.