Test Kennung:	1.3.6.1.4.1.25623.1.0.804862
Kategorie:	General
Titel:	Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Oct 2014 (Windows)
Zusammenfassung:	The host is installed with Oracle Java SE JRE; and is prone to multiple unspecified vulnerabilities.
Beschreibung:	Summary: The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - An unspecified error in share/classes/javax/crypto/CipherInputStream.java script related to streaming of input cipher streams. - An error in share/classes/java/util/ResourceBundle.java script related to property processing and handling of names. - An error in the 'LogRecord::readObject' function in classes/java/util/logging/LogRecord.java related to handling of resource bundles. - An error related to the wrapping of datagram sockets in the DatagramSocket implementation. - An error in share/classes/java/util/logging/Logger.java related to missing permission checks of logger resources. - An error related to handling of server certificate changes during SSL/TLS renegotiation. - An error within the 2D subcomponent of the client deployment. Vulnerability Impact: Successful exploitation will allow attackers to bypass security restrictions, disclose sensitive information, manipulate certain data, conduct IP spoofing attacks or hijack a mutually authenticated session. Affected Software/OS: Oracle Java SE 5 update 71 and prior, 6 update 81 and prior, 7 update 67 and prior, and 8 update 20 and prior on Windows Solution: Apply the patch from the referenced advisory. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 70544 BugTraq ID: 70572 BugTraq ID: 70533 BugTraq ID: 70567 BugTraq ID: 70548 BugTraq ID: 70556 BugTraq ID: 70538 Common Vulnerability Exposure (CVE) ID: CVE-2014-6558 http://www.securityfocus.com/bid/70544 Debian Security Information: DSA-3077 (Google Search) http://www.debian.org/security/2014/dsa-3077 Debian Security Information: DSA-3080 (Google Search) http://www.debian.org/security/2014/dsa-3080 http://security.gentoo.org/glsa/glsa-201502-12.xml HPdes Security Advisory: HPSBUX03218 http://marc.info/?l=bugtraq&m=141775382904016&w=2 HPdes Security Advisory: SSRT101770 RedHat Security Advisories: RHSA-2014:1620 http://rhn.redhat.com/errata/RHSA-2014-1620.html RedHat Security Advisories: RHSA-2014:1633 http://rhn.redhat.com/errata/RHSA-2014-1633.html RedHat Security Advisories: RHSA-2014:1634 http://rhn.redhat.com/errata/RHSA-2014-1634.html RedHat Security Advisories: RHSA-2014:1636 http://rhn.redhat.com/errata/RHSA-2014-1636.html RedHat Security Advisories: RHSA-2014:1657 http://rhn.redhat.com/errata/RHSA-2014-1657.html RedHat Security Advisories: RHSA-2014:1658 http://rhn.redhat.com/errata/RHSA-2014-1658.html RedHat Security Advisories: RHSA-2014:1876 http://rhn.redhat.com/errata/RHSA-2014-1876.html RedHat Security Advisories: RHSA-2014:1877 http://rhn.redhat.com/errata/RHSA-2014-1877.html RedHat Security Advisories: RHSA-2014:1880 http://rhn.redhat.com/errata/RHSA-2014-1880.html RedHat Security Advisories: RHSA-2014:1881 http://rhn.redhat.com/errata/RHSA-2014-1881.html RedHat Security Advisories: RHSA-2014:1882 http://rhn.redhat.com/errata/RHSA-2014-1882.html RedHat Security Advisories: RHSA-2015:0264 http://rhn.redhat.com/errata/RHSA-2015-0264.html http://secunia.com/advisories/60414 http://secunia.com/advisories/60416 http://secunia.com/advisories/60417 http://secunia.com/advisories/61018 http://secunia.com/advisories/61020 http://secunia.com/advisories/61143 http://secunia.com/advisories/61163 http://secunia.com/advisories/61164 http://secunia.com/advisories/61346 http://secunia.com/advisories/61609 http://secunia.com/advisories/61629 http://secunia.com/advisories/61631 http://secunia.com/advisories/61928 SuSE Security Announcement: SUSE-SU-2014:1422 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html SuSE Security Announcement: SUSE-SU-2014:1526 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html SuSE Security Announcement: SUSE-SU-2014:1549 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html SuSE Security Announcement: SUSE-SU-2015:0344 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html SuSE Security Announcement: SUSE-SU-2015:0345 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html SuSE Security Announcement: SUSE-SU-2015:0376 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html SuSE Security Announcement: SUSE-SU-2015:0392 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html http://www.ubuntu.com/usn/USN-2386-1 http://www.ubuntu.com/usn/USN-2388-1 http://www.ubuntu.com/usn/USN-2388-2 Common Vulnerability Exposure (CVE) ID: CVE-2014-6531 http://www.securityfocus.com/bid/70572 Common Vulnerability Exposure (CVE) ID: CVE-2014-6502 http://www.securityfocus.com/bid/70533 Common Vulnerability Exposure (CVE) ID: CVE-2014-6512 http://www.securityfocus.com/bid/70567 Common Vulnerability Exposure (CVE) ID: CVE-2014-6511 http://www.securityfocus.com/bid/70548 Common Vulnerability Exposure (CVE) ID: CVE-2014-6506 http://www.securityfocus.com/bid/70556 Common Vulnerability Exposure (CVE) ID: CVE-2014-6457 http://www.securityfocus.com/bid/70538 http://secunia.com/advisories/61635
Copyright	Copyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.