English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2016.0401.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2016:0401-1)
Summary:The remote host is missing an update for the 'java-1_7_1-ibm' package(s) announced via the SUSE-SU-2016:0401-1 advisory.
Description:Summary:
The remote host is missing an update for the 'java-1_7_1-ibm' package(s) announced via the SUSE-SU-2016:0401-1 advisory.

Vulnerability Insight:
This update for java-1_7_1-ibm fixes the following issues by updating to 7.1-3.30 (bsc#963937):


- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact

The following bugs were fixed:

- bsc#960402: resolve package conflicts in devel package

Affected Software/OS:
'java-1_7_1-ibm' package(s) on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 12-SP1, SUSE Linux Enterprise Server for SAP Applications 12, SUSE Linux Enterprise Server for SAP Applications 12-SP1.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-5041
AIX APAR: IV72872
http://www-01.ibm.com/support/docview.wss?uid=swg1IV72872
BugTraq ID: 82451
http://www.securityfocus.com/bid/82451
RedHat Security Advisories: RHSA-2016:1430
https://access.redhat.com/errata/RHSA-2016:1430
SuSE Security Announcement: SUSE-SU-2016:0399 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00026.html
SuSE Security Announcement: SUSE-SU-2016:0401 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00028.html
SuSE Security Announcement: SUSE-SU-2016:0428 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00031.html
SuSE Security Announcement: SUSE-SU-2016:0431 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00032.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7575
1034541
http://www.securitytracker.com/id/1034541
1036467
http://www.securitytracker.com/id/1036467
79684
http://www.securityfocus.com/bid/79684
91787
http://www.securityfocus.com/bid/91787
DSA-3436
http://www.debian.org/security/2016/dsa-3436
DSA-3437
http://www.debian.org/security/2016/dsa-3437
DSA-3457
http://www.debian.org/security/2016/dsa-3457
DSA-3458
http://www.debian.org/security/2016/dsa-3458
DSA-3465
http://www.debian.org/security/2016/dsa-3465
DSA-3491
http://www.debian.org/security/2016/dsa-3491
DSA-3688
http://www.debian.org/security/2016/dsa-3688
GLSA-201701-46
https://security.gentoo.org/glsa/201701-46
GLSA-201706-18
https://security.gentoo.org/glsa/201706-18
GLSA-201801-15
https://security.gentoo.org/glsa/201801-15
RHSA-2016:0049
http://rhn.redhat.com/errata/RHSA-2016-0049.html
RHSA-2016:0050
http://rhn.redhat.com/errata/RHSA-2016-0050.html
RHSA-2016:0053
http://rhn.redhat.com/errata/RHSA-2016-0053.html
RHSA-2016:0054
http://rhn.redhat.com/errata/RHSA-2016-0054.html
RHSA-2016:0055
http://rhn.redhat.com/errata/RHSA-2016-0055.html
RHSA-2016:0056
http://rhn.redhat.com/errata/RHSA-2016-0056.html
RHSA-2016:1430
SUSE-SU-2016:0256
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
SUSE-SU-2016:0265
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
SUSE-SU-2016:0269
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
USN-2863-1
http://www.ubuntu.com/usn/USN-2863-1
USN-2864-1
http://www.ubuntu.com/usn/USN-2864-1
USN-2865-1
http://www.ubuntu.com/usn/USN-2865-1
USN-2866-1
http://www.ubuntu.com/usn/USN-2866-1
USN-2884-1
http://www.ubuntu.com/usn/USN-2884-1
USN-2904-1
http://www.ubuntu.com/usn/USN-2904-1
http://www.mozilla.org/security/announce/2015/mfsa2015-150.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
https://bugzilla.mozilla.org/show_bug.cgi?id=1158489
https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes
https://security.netapp.com/advisory/ntap-20160225-0001/
openSUSE-SU-2015:2405
http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html
openSUSE-SU-2016:0007
http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html
openSUSE-SU-2016:0161
http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html
openSUSE-SU-2016:0162
http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html
openSUSE-SU-2016:0263
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
openSUSE-SU-2016:0268
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
openSUSE-SU-2016:0270
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
openSUSE-SU-2016:0272
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
openSUSE-SU-2016:0279
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
openSUSE-SU-2016:0307
http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html
openSUSE-SU-2016:0308
http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html
openSUSE-SU-2016:0488
http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
openSUSE-SU-2016:0605
http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7981
BugTraq ID: 77304
http://www.securityfocus.com/bid/77304
Debian Security Information: DSA-3399 (Google Search)
http://www.debian.org/security/2015/dsa-3399
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html
https://security.gentoo.org/glsa/201611-08
http://www.openwall.com/lists/oss-security/2015/10/26/1
http://www.openwall.com/lists/oss-security/2015/10/26/3
RedHat Security Advisories: RHSA-2015:2594
http://rhn.redhat.com/errata/RHSA-2015-2594.html
RedHat Security Advisories: RHSA-2015:2595
http://rhn.redhat.com/errata/RHSA-2015-2595.html
http://www.securitytracker.com/id/1034393
SuSE Security Announcement: openSUSE-SU-2015:2099 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html
SuSE Security Announcement: openSUSE-SU-2015:2136 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html
http://www.ubuntu.com/usn/USN-2815-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-8126
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
BugTraq ID: 77568
http://www.securityfocus.com/bid/77568
Debian Security Information: DSA-3507 (Google Search)
http://www.debian.org/security/2016/dsa-3507
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html
https://security.gentoo.org/glsa/201603-09
http://www.openwall.com/lists/oss-security/2015/11/12/2
RedHat Security Advisories: RHSA-2015:2596
http://rhn.redhat.com/errata/RHSA-2015-2596.html
RedHat Security Advisories: RHSA-2016:0055
RedHat Security Advisories: RHSA-2016:0056
RedHat Security Advisories: RHSA-2016:0057
http://rhn.redhat.com/errata/RHSA-2016-0057.html
http://www.securitytracker.com/id/1034142
SuSE Security Announcement: SUSE-SU-2016:0256 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0265 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0269 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0665 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html
SuSE Security Announcement: openSUSE-SU-2015:2100 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html
SuSE Security Announcement: openSUSE-SU-2015:2135 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html
SuSE Security Announcement: openSUSE-SU-2015:2262 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html
SuSE Security Announcement: openSUSE-SU-2015:2263 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html
SuSE Security Announcement: openSUSE-SU-2016:0103 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html
SuSE Security Announcement: openSUSE-SU-2016:0104 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html
SuSE Security Announcement: openSUSE-SU-2016:0105 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html
SuSE Security Announcement: openSUSE-SU-2016:0263 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0268 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0270 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0272 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0279 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0664 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html
SuSE Security Announcement: openSUSE-SU-2016:0684 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html
SuSE Security Announcement: openSUSE-SU-2016:0729 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8472
BugTraq ID: 78624
http://www.securityfocus.com/bid/78624
Debian Security Information: DSA-3443 (Google Search)
http://www.debian.org/security/2016/dsa-3443
http://www.openwall.com/lists/oss-security/2015/12/03/6
Common Vulnerability Exposure (CVE) ID: CVE-2015-8540
BugTraq ID: 80592
http://www.securityfocus.com/bid/80592
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
http://www.openwall.com/lists/oss-security/2015/12/10/6
http://www.openwall.com/lists/oss-security/2015/12/10/7
http://www.openwall.com/lists/oss-security/2015/12/11/1
http://www.openwall.com/lists/oss-security/2015/12/11/2
http://www.openwall.com/lists/oss-security/2015/12/17/10
Common Vulnerability Exposure (CVE) ID: CVE-2016-0402
BugTraq ID: 81096
http://www.securityfocus.com/bid/81096
Debian Security Information: DSA-3458 (Google Search)
Debian Security Information: DSA-3465 (Google Search)
https://security.gentoo.org/glsa/201603-14
https://security.gentoo.org/glsa/201610-08
RedHat Security Advisories: RHSA-2016:0049
RedHat Security Advisories: RHSA-2016:0050
RedHat Security Advisories: RHSA-2016:0053
RedHat Security Advisories: RHSA-2016:0054
RedHat Security Advisories: RHSA-2016:0067
http://rhn.redhat.com/errata/RHSA-2016-0067.html
http://www.securitytracker.com/id/1034715
http://www.ubuntu.com/usn/USN-2885-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-0448
BugTraq ID: 81123
http://www.securityfocus.com/bid/81123
Common Vulnerability Exposure (CVE) ID: CVE-2016-0466
BugTraq ID: 81118
http://www.securityfocus.com/bid/81118
Common Vulnerability Exposure (CVE) ID: CVE-2016-0483
http://www.zerodayinitiative.com/advisories/ZDI-16-032
Common Vulnerability Exposure (CVE) ID: CVE-2016-0494
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.