
Test ID: 1.3.6.1.4.1.25623.1.0.871639
Category: Red Hat Local Security Checks
Title: RedHat Update for java-1.8.0-openjdk RHSA-2016:1458-01
Summary: The remote host is missing an update for the 'java-1.8.0-openjdk' package(s) announced via the referenced advisory.
Description:
Summary:
The remote host is missing an update for the 'java-1.8.0-openjdk'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The java-1.8.0-openjdk packages provide the
OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* Multiple flaws were discovered in the Hotspot and Libraries components in
OpenJDK. An untrusted Java application or applet could use these flaws to
completely bypass Java sandbox restrictions. (CVE-2016-3606, CVE-2016-3587,
CVE-2016-3598, CVE-2016-3610)

* Multiple denial of service flaws were found in the JAXP component in
OpenJDK. A specially crafted XML file could cause a Java application using
JAXP to consume an excessive amount of CPU and memory when parsed.
(CVE-2016-3500, CVE-2016-3508)

* Multiple flaws were found in the CORBA and Hotspot components in
OpenJDK. An untrusted Java application or applet could use these flaws to
bypass certain Java sandbox restrictions. (CVE-2016-3458, CVE-2016-3550)

Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website.

Affected Software/OS:
java-1.8.0-openjdk on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Server (v. 7),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please install the updated packages.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-reference:
Common Vulnerability Exposure (CVE) ID: CVE-2016-3458
BugTraq ID: 91787
http://www.securityfocus.com/bid/91787
BugTraq ID: 91945
http://www.securityfocus.com/bid/91945
Debian Security Information: DSA-3641
http://www.debian.org/security/2016/dsa-3641
https://security.gentoo.org/glsa/201610-08
https://security.gentoo.org/glsa/201701-43
RedHat Security Advisories: RHSA-2016:1458
https://access.redhat.com/errata/RHSA-2016:1458
RedHat Security Advisories: RHSA-2016:1475
https://access.redhat.com/errata/RHSA-2016:1475
RedHat Security Advisories: RHSA-2016:1476
https://access.redhat.com/errata/RHSA-2016:1476
RedHat Security Advisories: RHSA-2016:1477
https://access.redhat.com/errata/RHSA-2016:1477
RedHat Security Advisories: RHSA-2016:1504
http://rhn.redhat.com/errata/RHSA-2016-1504.html
RedHat Security Advisories: RHSA-2016:1776
http://rhn.redhat.com/errata/RHSA-2016-1776.html
http://www.securitytracker.com/id/1036365
SuSE Security Announcement: SUSE-SU-2016:1997
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html
SuSE Security Announcement: SUSE-SU-2016:2012
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html
SuSE Security Announcement: openSUSE-SU-2016:1979
http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html
SuSE Security Announcement: openSUSE-SU-2016:2050
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html
SuSE Security Announcement: openSUSE-SU-2016:2051
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html
SuSE Security Announcement: openSUSE-SU-2016:2052
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html
SuSE Security Announcement: openSUSE-SU-2016:2058
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html
http://www.ubuntu.com/usn/USN-3043-1
http://www.ubuntu.com/usn/USN-3062-1
http://www.ubuntu.com/usn/USN-3077-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-3500
Common Vulnerability Exposure (CVE) ID: CVE-2016-3508
BugTraq ID: 91972
http://www.securityfocus.com/bid/91972
Common Vulnerability Exposure (CVE) ID: CVE-2016-3550
BugTraq ID: 91951
http://www.securityfocus.com/bid/91951
Common Vulnerability Exposure (CVE) ID: CVE-2016-3587
BugTraq ID: 91904
http://www.securityfocus.com/bid/91904
Common Vulnerability Exposure (CVE) ID: CVE-2016-3598
BugTraq ID: 91918
http://www.securityfocus.com/bid/91918
RedHat Security Advisories: RHSA-2016:1587
http://rhn.redhat.com/errata/RHSA-2016-1587.html
RedHat Security Advisories: RHSA-2016:1588
http://rhn.redhat.com/errata/RHSA-2016-1588.html
RedHat Security Advisories: RHSA-2016:1589
http://rhn.redhat.com/errata/RHSA-2016-1589.html
RedHat Security Advisories: RHSA-2017:1216
https://access.redhat.com/errata/RHSA-2017:1216
SuSE Security Announcement: SUSE-SU-2016:2261
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00005.html
SuSE Security Announcement: SUSE-SU-2016:2286
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00006.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-3606
BugTraq ID: 91912
http://www.securityfocus.com/bid/91912
Common Vulnerability Exposure (CVE) ID: CVE-2016-3610
BugTraq ID: 91930
http://www.securityfocus.com/bid/91930
Copyright: Copyright (C) 2016 Greenbone Networks GmbH

© 1998-2020 E-Soft Inc. All rights reserved.