
Test ID: 1.3.6.1.4.1.25623.1.0.870904
Category: Red Hat Local Security Checks
Title: RedHat Update for java-1.7.0-openjdk RHSA-2013:0247-01
Summary: The remote host is missing an update for the 'java-1.7.0-openjdk' package(s) announced via the referenced advisory.
Description:
Summary:
The remote host is missing an update for the 'java-1.7.0-openjdk'
package(s) announced via the referenced advisory.

Vulnerability Insight:
These packages provide the OpenJDK 7 Java Runtime Environment and the
OpenJDK 7 Software Development Kit.

Multiple improper permission check issues were discovered in the AWT,
CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java
application or applet could use these flaws to bypass Java sandbox
restrictions. (CVE-2013-0442, CVE-2013-0445, CVE-2013-0441, CVE-2013-1475,
CVE-2013-1476, CVE-2013-0429, CVE-2013-0450, CVE-2013-0425, CVE-2013-0426,
CVE-2013-0428, CVE-2013-0444)

Multiple flaws were found in the way image parsers in the 2D and AWT
components handled image raster parameters. A specially-crafted image could
cause Java Virtual Machine memory corruption and, possibly, lead to
arbitrary code execution with the virtual machine privileges.
(CVE-2013-1478, CVE-2013-1480)

A flaw was found in the AWT component's clipboard handling code. An
untrusted Java application or applet could use this flaw to access
clipboard data, bypassing Java sandbox restrictions. (CVE-2013-0432)

The default Java security properties configuration did not restrict access
to certain com.sun.xml.internal packages. An untrusted Java application or
applet could use this flaw to access information, bypassing certain Java
sandbox restrictions. This update lists the whole package as restricted.
(CVE-2013-0435)

Multiple improper permission check issues were discovered in the JMX,
Libraries, Networking, and JAXP components. An untrusted Java application
or applet could use these flaws to bypass certain Java sandbox
restrictions. (CVE-2013-0431, CVE-2013-0427, CVE-2013-0433, CVE-2013-0434)

It was discovered that the RMI component's CGIHandler class used user
inputs in error messages without any sanitization. An attacker could use
this flaw to perform a cross-site scripting (XSS) attack. (CVE-2013-0424)

It was discovered that the SSL/TLS implementation in the JSSE component
did not properly enforce handshake message ordering, allowing an unlimited
number of handshake restarts. A remote attacker could use this flaw to
make an SSL/TLS server using JSSE consume an excessive amount of CPU by
continuously restarting the handshake. (CVE-2013-0440)

It was discovered that the JSSE component did not properly validate
Diffie-Hellman public keys. An SSL/TLS client could possibly use this flaw
to perform a small subgroup attack. (CVE-2013-0443)

This erratu ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
java-1.7.0-openjdk on Red Hat Enterprise Linux (v. 5 server),
Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please install the updated packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-references:
Common Vulnerability Exposure (CVE) ID: CVE-2013-0424
BugTraq ID: 57715
http://www.securityfocus.com/bid/57715
Cert/CC Advisory: TA13-032A
http://www.us-cert.gov/cas/techalerts/TA13-032A.html
CERT/CC vulnerability note: VU#858729
http://www.kb.cert.org/vuls/id/858729
http://security.gentoo.org/glsa/glsa-201406-32.xml
HPdes Security Advisory: HPSBMU02874
http://marc.info/?l=bugtraq&m=136733161405818&w=2
HPdes Security Advisory: HPSBUX02857
http://marc.info/?l=bugtraq&m=136439120408139&w=2
HPdes Security Advisory: HPSBUX02864
http://marc.info/?l=bugtraq&m=136570436423916&w=2
HPdes Security Advisory: SSRT101103
HPdes Security Advisory: SSRT101156
HPdes Security Advisory: SSRT101184
http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16519
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19131
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19423
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19522
RedHat Security Advisories: RHSA-2013:0236
http://rhn.redhat.com/errata/RHSA-2013-0236.html
RedHat Security Advisories: RHSA-2013:0237
http://rhn.redhat.com/errata/RHSA-2013-0237.html
RedHat Security Advisories: RHSA-2013:0245
http://rhn.redhat.com/errata/RHSA-2013-0245.html
RedHat Security Advisories: RHSA-2013:0246
http://rhn.redhat.com/errata/RHSA-2013-0246.html
RedHat Security Advisories: RHSA-2013:0247
http://rhn.redhat.com/errata/RHSA-2013-0247.html
RedHat Security Advisories: RHSA-2013:1455
http://rhn.redhat.com/errata/RHSA-2013-1455.html
RedHat Security Advisories: RHSA-2013:1456
http://rhn.redhat.com/errata/RHSA-2013-1456.html
SuSE Security Announcement: SUSE-SU-2013:0478
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html
SuSE Security Announcement: openSUSE-SU-2013:0312
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html
SuSE Security Announcement: openSUSE-SU-2013:0377
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-0425
BugTraq ID: 57709
http://www.securityfocus.com/bid/57709
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16058
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19483
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19502
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19503
Common Vulnerability Exposure (CVE) ID: CVE-2013-0426
BugTraq ID: 57711
http://www.securityfocus.com/bid/57711
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15888
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19261
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19471
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19484
Common Vulnerability Exposure (CVE) ID: CVE-2013-0427
BugTraq ID: 57724
http://www.securityfocus.com/bid/57724
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16013
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18641
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19245
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19488
Common Vulnerability Exposure (CVE) ID: CVE-2013-0428
BugTraq ID: 57713
http://www.securityfocus.com/bid/57713
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16496
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19474
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19480
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19491
Common Vulnerability Exposure (CVE) ID: CVE-2013-0429
BugTraq ID: 57710
http://www.securityfocus.com/bid/57710
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16649
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19300
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19342
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19457
Common Vulnerability Exposure (CVE) ID: CVE-2013-0431
Bugtraq: 20130122 Re: [SE-2012-01] Java 7 Update 11 confirmed to be vulnerable
http://www.securityfocus.com/archive/1/525387/30/0/threaded
http://seclists.org/fulldisclosure/2013/Jan/142
http://seclists.org/fulldisclosure/2013/Jan/195
http://arstechnica.com/security/2013/01/critical-java-vulnerabilies-confirmed-in-latest-version/
http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53
http://www.informationweek.com/security/application-security/java-hacker-uncovers-two-flaws-in-latest/240146717
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16579
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19418
Common Vulnerability Exposure (CVE) ID: CVE-2013-0432
BugTraq ID: 57727
http://www.securityfocus.com/bid/57727
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16567
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19181
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19426
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19489
Common Vulnerability Exposure (CVE) ID: CVE-2013-0433
BugTraq ID: 57719
http://www.securityfocus.com/bid/57719
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16537
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19405
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19459
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19468
Common Vulnerability Exposure (CVE) ID: CVE-2013-0434
BugTraq ID: 57730
http://www.securityfocus.com/bid/57730
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16528
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19272
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19430
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19505
Common Vulnerability Exposure (CVE) ID: CVE-2013-0435
BugTraq ID: 57729
http://www.securityfocus.com/bid/57729
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16489
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19078
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19520
Common Vulnerability Exposure (CVE) ID: CVE-2013-0440
BugTraq ID: 57712
http://www.securityfocus.com/bid/57712
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16558
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19229
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19285
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19397
Common Vulnerability Exposure (CVE) ID: CVE-2013-0441
BugTraq ID: 57692
http://www.securityfocus.com/bid/57692
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16566
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19266
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19289
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19509
Common Vulnerability Exposure (CVE) ID: CVE-2013-0442
BugTraq ID: 57687
http://www.securityfocus.com/bid/57687
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16035
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18597
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19126
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19434
Common Vulnerability Exposure (CVE) ID: CVE-2013-0443
BugTraq ID: 57702
http://www.securityfocus.com/bid/57702
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15832
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19010
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19382
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19437
Common Vulnerability Exposure (CVE) ID: CVE-2013-0444
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16614
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19349
Common Vulnerability Exposure (CVE) ID: CVE-2013-0445
BugTraq ID: 57689
http://www.securityfocus.com/bid/57689
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16680
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19282
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19304
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19372
Common Vulnerability Exposure (CVE) ID: CVE-2013-0450
BugTraq ID: 57703
http://www.securityfocus.com/bid/57703
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16550
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19286
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19363
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19572
Common Vulnerability Exposure (CVE) ID: CVE-2013-1475
BugTraq ID: 57694
http://www.securityfocus.com/bid/57694
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16613
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19238
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19325
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19593
Common Vulnerability Exposure (CVE) ID: CVE-2013-1476
BugTraq ID: 57696
http://www.securityfocus.com/bid/57696
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16652
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19466
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19475
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19507
Common Vulnerability Exposure (CVE) ID: CVE-2013-1478
BugTraq ID: 57686
http://www.securityfocus.com/bid/57686
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15733
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19429
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19454
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19529
Common Vulnerability Exposure (CVE) ID: CVE-2013-1480
BugTraq ID: 57691
http://www.securityfocus.com/bid/57691
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16045
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18845
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19351
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19504
Copyright: Copyright (c) 2013 Greenbone Networks GmbH
