Debian Local Security Checks : Debian Security Advisory DSA 2358-1 (openjdk-6)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.70571
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 2358-1 (openjdk-6)
Resumen:	The remote host is missing an update to openjdk-6;announced via advisory DSA 2358-1.
Descripción:	Summary: The remote host is missing an update to openjdk-6 announced via advisory DSA 2358-1. Vulnerability Insight: Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java platform. This combines the two previous openjdk-6 advisories, DSA-2311-1 and DSA-2356-1. CVE-2011-0862 Integer overflow errors in the JPEG and font parser allow untrusted code (including applets) to elevate its privileges. CVE-2011-0864 Hotspot, the just-in-time compiler in OpenJDK, mishandled certain byte code instructions, allowing untrusted code (including applets) to crash the virtual machine. CVE-2011-0865 A race condition in signed object deserialization could allow untrusted code to modify signed content, apparently leaving its signature intact. CVE-2011-0867 Untrusted code (including applets) could access information about network interfaces which was not intended to be public. (Note that the interface MAC address is still available to untrusted code.) Description truncated. Please see the referenced advisory for more information. For the oldstable distribution (lenny), these problems have been fixed in version 6b18-1.8.10-0~ lenny1. Solution: We recommend that you upgrade your openjdk-6 packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0862 Cert/CC Advisory: TA11-201A http://www.us-cert.gov/cas/techalerts/TA11-201A.html Debian Security Information: DSA-2311 (Google Search) http://www.debian.org/security/2011/dsa-2311 http://security.gentoo.org/glsa/glsa-201406-32.xml HPdes Security Advisory: HPSBMU02797 http://marc.info/?l=bugtraq&m=134254957702612&w=2 HPdes Security Advisory: HPSBMU02799 http://marc.info/?l=bugtraq&m=134254866602253&w=2 HPdes Security Advisory: HPSBUX02697 http://marc.info/?l=bugtraq&m=132439520301822&w=2 HPdes Security Advisory: HPSBUX02777 http://marc.info/?l=bugtraq&m=133728004526190&w=2 HPdes Security Advisory: SSRT100591 HPdes Security Advisory: SSRT100854 HPdes Security Advisory: SSRT100867 http://www.mandriva.com/security/advisories?name=MDVSA-2011:126 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13317 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14541 http://www.redhat.com/support/errata/RHSA-2011-0856.html http://www.redhat.com/support/errata/RHSA-2011-0857.html http://www.redhat.com/support/errata/RHSA-2011-0860.html http://www.redhat.com/support/errata/RHSA-2011-0938.html http://www.redhat.com/support/errata/RHSA-2011-1087.html http://www.redhat.com/support/errata/RHSA-2011-1159.html http://www.redhat.com/support/errata/RHSA-2011-1265.html RedHat Security Advisories: RHSA-2013:1455 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/44818 http://secunia.com/advisories/44930 http://secunia.com/advisories/49198 SuSE Security Announcement: SUSE-SA:2011:030 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html SuSE Security Announcement: SUSE-SA:2011:032 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html SuSE Security Announcement: SUSE-SA:2011:036 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html SuSE Security Announcement: SUSE-SU-2011:0807 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html SuSE Security Announcement: SUSE-SU-2011:0863 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html SuSE Security Announcement: SUSE-SU-2011:0966 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00025.html SuSE Security Announcement: openSUSE-SU-2011:0633 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html Common Vulnerability Exposure (CVE) ID: CVE-2011-0864 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14225 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14632 Common Vulnerability Exposure (CVE) ID: CVE-2011-0865 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14463 Common Vulnerability Exposure (CVE) ID: CVE-2011-0867 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14240 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14693 Common Vulnerability Exposure (CVE) ID: CVE-2011-0868 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14264 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14827 Common Vulnerability Exposure (CVE) ID: CVE-2011-0869 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14338 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14644 Common Vulnerability Exposure (CVE) ID: CVE-2011-0871 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14112 Common Vulnerability Exposure (CVE) ID: CVE-2011-3389 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html BugTraq ID: 49388 http://www.securityfocus.com/bid/49388 BugTraq ID: 49778 http://www.securityfocus.com/bid/49778 Cert/CC Advisory: TA12-010A http://www.us-cert.gov/cas/techalerts/TA12-010A.html CERT/CC vulnerability note: VU#864643 http://www.kb.cert.org/vuls/id/864643 Debian Security Information: DSA-2398 (Google Search) http://www.debian.org/security/2012/dsa-2398 http://security.gentoo.org/glsa/glsa-201203-02.xml HPdes Security Advisory: HPSBMU02742 http://marc.info/?l=bugtraq&m=132872385320240&w=2 HPdes Security Advisory: HPSBMU02900 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 HPdes Security Advisory: HPSBUX02730 http://marc.info/?l=bugtraq&m=132750579901589&w=2 HPdes Security Advisory: HPSBUX02760 http://marc.info/?l=bugtraq&m=133365109612558&w=2 HPdes Security Advisory: SSRT100710 HPdes Security Advisory: SSRT100740 HPdes Security Advisory: SSRT100805 http://www.mandriva.com/security/advisories?name=MDVSA-2012:058 http://ekoparty.org/2011/juliano-rizzo.php http://eprint.iacr.org/2004/111 http://eprint.iacr.org/2006/136 http://isc.sans.edu/diary/SSL+TLS+part+3+/11635 http://vnhacker.blogspot.com/2011/09/beast.html http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html http://www.insecure.cl/Beast-SSL.rar https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 Microsoft Security Bulletin: MS12-006 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006 http://osvdb.org/74829 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752 http://www.redhat.com/support/errata/RHSA-2011-1384.html http://www.redhat.com/support/errata/RHSA-2012-0006.html RedHat Security Advisories: RHSA-2012:0508 http://rhn.redhat.com/errata/RHSA-2012-0508.html http://www.securitytracker.com/id?1025997 http://www.securitytracker.com/id?1026103 http://www.securitytracker.com/id?1026704 http://www.securitytracker.com/id/1029190 http://secunia.com/advisories/45791 http://secunia.com/advisories/47998 http://secunia.com/advisories/48256 http://secunia.com/advisories/48692 http://secunia.com/advisories/48915 http://secunia.com/advisories/48948 http://secunia.com/advisories/55322 http://secunia.com/advisories/55350 http://secunia.com/advisories/55351 SuSE Security Announcement: SUSE-SU-2012:0114 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html SuSE Security Announcement: SUSE-SU-2012:0122 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html SuSE Security Announcement: SUSE-SU-2012:0602 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html SuSE Security Announcement: openSUSE-SU-2012:0030 (Google Search) https://hermes.opensuse.org/messages/13154861 SuSE Security Announcement: openSUSE-SU-2012:0063 (Google Search) https://hermes.opensuse.org/messages/13155432 SuSE Security Announcement: openSUSE-SU-2020:0086 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://www.ubuntu.com/usn/USN-1263-1 Common Vulnerability Exposure (CVE) ID: CVE-2011-3521 BugTraq ID: 50215 http://www.securityfocus.com/bid/50215 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13662 http://www.securitytracker.com/id?1026215 http://secunia.com/advisories/48308 XForce ISS Database: oracle-jre-deserialization-unspecified(70850) https://exchange.xforce.ibmcloud.com/vulnerabilities/70850 Common Vulnerability Exposure (CVE) ID: CVE-2011-3544 BugTraq ID: 50218 http://www.securityfocus.com/bid/50218 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947 XForce ISS Database: oracle-jre-scripting-unspecified(70849) https://exchange.xforce.ibmcloud.com/vulnerabilities/70849 Common Vulnerability Exposure (CVE) ID: CVE-2011-3547 BugTraq ID: 50243 http://www.securityfocus.com/bid/50243 http://osvdb.org/76511 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14339 http://www.redhat.com/support/errata/RHSA-2011-1478.html XForce ISS Database: jre-networking-info-disclosure(70846) https://exchange.xforce.ibmcloud.com/vulnerabilities/70846 Common Vulnerability Exposure (CVE) ID: CVE-2011-3548 BugTraq ID: 50211 http://www.securityfocus.com/bid/50211 http://osvdb.org/76495 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14492 XForce ISS Database: jre-awt-unspecified(70845) https://exchange.xforce.ibmcloud.com/vulnerabilities/70845 Common Vulnerability Exposure (CVE) ID: CVE-2011-3551 BugTraq ID: 50224 http://www.securityfocus.com/bid/50224 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14318 XForce ISS Database: oracle-jre-2d-unspecified(70842) https://exchange.xforce.ibmcloud.com/vulnerabilities/70842 Common Vulnerability Exposure (CVE) ID: CVE-2011-3552 BugTraq ID: 50248 http://www.securityfocus.com/bid/50248 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14465 XForce ISS Database: oracle-jre-networking-unspecified(70841) https://exchange.xforce.ibmcloud.com/vulnerabilities/70841 Common Vulnerability Exposure (CVE) ID: CVE-2011-3553 BugTraq ID: 50246 http://www.securityfocus.com/bid/50246 http://osvdb.org/76512 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14311 XForce ISS Database: oracle-jre-jaxws-info-disc(70840) https://exchange.xforce.ibmcloud.com/vulnerabilities/70840 Common Vulnerability Exposure (CVE) ID: CVE-2011-3554 BugTraq ID: 50216 http://www.securityfocus.com/bid/50216 http://osvdb.org/76498 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14524 XForce ISS Database: oracle-java-jre-unspecified(70839) https://exchange.xforce.ibmcloud.com/vulnerabilities/70839 Common Vulnerability Exposure (CVE) ID: CVE-2011-3556 BugTraq ID: 50231 http://www.securityfocus.com/bid/50231 CERT/CC vulnerability note: VU#597809 https://www.kb.cert.org/vuls/id/597809 http://osvdb.org/76505 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14316 XForce ISS Database: jre-rmi-unspecified(70837) https://exchange.xforce.ibmcloud.com/vulnerabilities/70837 Common Vulnerability Exposure (CVE) ID: CVE-2011-3557 BugTraq ID: 50234 http://www.securityfocus.com/bid/50234 http://osvdb.org/76506 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14373 XForce ISS Database: oracle-jre-rmi-unspecified(70836) https://exchange.xforce.ibmcloud.com/vulnerabilities/70836 Common Vulnerability Exposure (CVE) ID: CVE-2011-3560 BugTraq ID: 50236 http://www.securityfocus.com/bid/50236 http://osvdb.org/76507 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14394 XForce ISS Database: oracle-jre-jsse-unspecified(70834) https://exchange.xforce.ibmcloud.com/vulnerabilities/70834
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com