Test ID:	1.3.6.1.4.1.25623.1.0.882893
Category:	CentOS Local Security Checks
Title:	CentOS Update for java CESA-2018:1278 centos7
Summary:	Check the version of java
Description:	Summary: Check the version of java Vulnerability Insight: The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es): * OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass (Hotspot, 8192025) (CVE-2018-2814) * OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997) (CVE-2018-2794) * OpenJDK: insufficient consistency checks in deserialization of multiple classes (Security, 8189977) (CVE-2018-2795) * OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981) (CVE-2018-2796) * OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985) (CVE-2018-2797) * OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989) (CVE-2018-2798) * OpenJDK: unbounded memory allocation during deserialization in NamedNodeMapImpl (JAXP, 8189993) (CVE-2018-2799) * OpenJDK: RMI HTTP transport enabled by default (RMI, 8193833) (CVE-2018-2800) * OpenJDK: unbounded memory allocation during deserialization in StubIORImpl (Serialization, 8192757) (CVE-2018-2815) * OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969) (CVE-2018-2790) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: java on CentOS 7 Solution: Please install the updated packages. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-2790 BugTraq ID: 103877 http://www.securityfocus.com/bid/103877 Debian Security Information: DSA-4185 (Google Search) https://www.debian.org/security/2018/dsa-4185 Debian Security Information: DSA-4225 (Google Search) https://www.debian.org/security/2018/dsa-4225 https://security.gentoo.org/glsa/201903-14 RedHat Security Advisories: RHSA-2018:1188 https://access.redhat.com/errata/RHSA-2018:1188 RedHat Security Advisories: RHSA-2018:1191 https://access.redhat.com/errata/RHSA-2018:1191 RedHat Security Advisories: RHSA-2018:1201 https://access.redhat.com/errata/RHSA-2018:1201 RedHat Security Advisories: RHSA-2018:1202 https://access.redhat.com/errata/RHSA-2018:1202 RedHat Security Advisories: RHSA-2018:1203 https://access.redhat.com/errata/RHSA-2018:1203 RedHat Security Advisories: RHSA-2018:1204 https://access.redhat.com/errata/RHSA-2018:1204 RedHat Security Advisories: RHSA-2018:1205 https://access.redhat.com/errata/RHSA-2018:1205 RedHat Security Advisories: RHSA-2018:1206 https://access.redhat.com/errata/RHSA-2018:1206 RedHat Security Advisories: RHSA-2018:1270 https://access.redhat.com/errata/RHSA-2018:1270 RedHat Security Advisories: RHSA-2018:1278 https://access.redhat.com/errata/RHSA-2018:1278 RedHat Security Advisories: RHSA-2018:1721 https://access.redhat.com/errata/RHSA-2018:1721 RedHat Security Advisories: RHSA-2018:1722 https://access.redhat.com/errata/RHSA-2018:1722 RedHat Security Advisories: RHSA-2018:1723 https://access.redhat.com/errata/RHSA-2018:1723 RedHat Security Advisories: RHSA-2018:1724 https://access.redhat.com/errata/RHSA-2018:1724 RedHat Security Advisories: RHSA-2018:1974 https://access.redhat.com/errata/RHSA-2018:1974 RedHat Security Advisories: RHSA-2018:1975 https://access.redhat.com/errata/RHSA-2018:1975 http://www.securitytracker.com/id/1040697 https://usn.ubuntu.com/3644-1/ https://usn.ubuntu.com/3691-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-2794 BugTraq ID: 103817 http://www.securityfocus.com/bid/103817 Common Vulnerability Exposure (CVE) ID: CVE-2018-2795 BugTraq ID: 103847 http://www.securityfocus.com/bid/103847 Common Vulnerability Exposure (CVE) ID: CVE-2018-2796 BugTraq ID: 103868 http://www.securityfocus.com/bid/103868 Common Vulnerability Exposure (CVE) ID: CVE-2018-2797 BugTraq ID: 103846 http://www.securityfocus.com/bid/103846 Common Vulnerability Exposure (CVE) ID: CVE-2018-2798 BugTraq ID: 103841 http://www.securityfocus.com/bid/103841 Common Vulnerability Exposure (CVE) ID: CVE-2018-2799 BugTraq ID: 103872 http://www.securityfocus.com/bid/103872 https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E https://lists.apache.org/thread.html/r449b5d89c7b2ba3762584cf6c38e01867d4b24706e023cf2a9911307@%3Cuser.spark.apache.org%3E https://lists.apache.org/thread.html/b53d4601ecd9ec63c799dbe1bc5b78e0d52f4cef429da2dfe63cf06d@%3Cfop-dev.xmlgraphics.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2018-2800 BugTraq ID: 103849 http://www.securityfocus.com/bid/103849 Common Vulnerability Exposure (CVE) ID: CVE-2018-2814 BugTraq ID: 103798 http://www.securityfocus.com/bid/103798 Common Vulnerability Exposure (CVE) ID: CVE-2018-2815 BugTraq ID: 103848 http://www.securityfocus.com/bid/103848
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.