Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:
Kategorie:Debian Local Security Checks
Titel:Debian Security Advisory DSA 2311-1 (openjdk-6)
Zusammenfassung:The remote host is missing an update to openjdk-6;announced via advisory DSA 2311-1.
The remote host is missing an update to openjdk-6
announced via advisory DSA 2311-1.

Vulnerability Insight:
Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Java SE platform. The Common Vulnerabilities
and Exposures project identifies the following problems:

Integer overflow errors in the JPEG and font parser allow
untrusted code (including applets) to elevate its privileges.

Hotspot, the just-in-time compiler in OpenJDK, mishandled
certain byte code instructions, allowing untrusted code
(including applets) to crash the virtual machine.

A race condition in signed object deserialization could
allow untrusted code to modify signed content, apparently
leaving its signature intact.

Untrusted code (including applets) could access information
about network interfaces which was not intended to be public.
(Note that the interface MAC address is still available to
untrusted code.)

A float-to-long conversion could overflow, , allowing
untrusted code (including applets) to crash the virtual

Untrusted code (including applets) could intercept HTTP
requests by reconfiguring proxy settings through a SOAP

Untrusted code (including applets) could elevate its
privileges through the Swing MediaTracker code.

In addition, this update removes support for the Zero/Shark and Cacao
Hotspot variants from the i386 and amd64 due to stability issues.
These Hotspot variants are included in the openjdk-6-jre-zero and
icedtea-6-jre-cacao packages, and these packages must be removed
during this update.

For the oldstable distribution (lenny), these problems will be fixed
in a separate DSA for technical reasons.

For the stable distribution (squeeze), these problems have been fixed
in version 6b18-1.8.9-0.1~

For the testing distribution (wheezy) and the unstable distribution
(sid(, these problems have been fixed in version 6b18-1.8.9-0.1.

We recommend that you upgrade your OpenJDK packages.

CVSS Score:

CVSS Vector:

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-0862
Cert/CC Advisory: TA11-201A
Debian Security Information: DSA-2311 (Google Search)
HPdes Security Advisory: HPSBMU02797
HPdes Security Advisory: HPSBMU02799
HPdes Security Advisory: HPSBUX02697
HPdes Security Advisory: HPSBUX02777
HPdes Security Advisory: SSRT100591
HPdes Security Advisory: SSRT100854
HPdes Security Advisory: SSRT100867
RedHat Security Advisories: RHSA-2013:1455
SuSE Security Announcement: SUSE-SA:2011:030 (Google Search)
SuSE Security Announcement: SUSE-SA:2011:032 (Google Search)
SuSE Security Announcement: SUSE-SA:2011:036 (Google Search)
SuSE Security Announcement: SUSE-SU-2011:0807 (Google Search)
SuSE Security Announcement: SUSE-SU-2011:0863 (Google Search)
SuSE Security Announcement: SUSE-SU-2011:0966 (Google Search)
SuSE Security Announcement: openSUSE-SU-2011:0633 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2011-0864
Common Vulnerability Exposure (CVE) ID: CVE-2011-0865
Common Vulnerability Exposure (CVE) ID: CVE-2011-0867
Common Vulnerability Exposure (CVE) ID: CVE-2011-0868
Common Vulnerability Exposure (CVE) ID: CVE-2011-0869
Common Vulnerability Exposure (CVE) ID: CVE-2011-0871
CopyrightCopyright (c) 2011 E-Soft Inc.

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.