Vulnerabilities > CVE-2010-0840
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 | |
OS | 3 | |
OS | 4 |
Exploit-Db
description | Java Statement.invoke() Trusted Method Chain Exploit. CVE-2010-0840. Remote exploits for multiple platform |
id | EDB-ID:16297 |
last seen | 2016-02-01 |
modified | 2010-12-15 |
published | 2010-12-15 |
reporter | metasploit |
source | https://www.exploit-db.com/download/16297/ |
title | Java Statement.invoke Trusted Method Chain Exploit |
Metasploit
description | This module exploits a vulnerability in Java Runtime Environment that allows an untrusted method to run in a privileged context. The vulnerability affects version 6 prior to update 19 and version 5 prior to update 23. |
id | MSF:EXPLOIT/MULTI/BROWSER/JAVA_TRUSTED_CHAIN |
last seen | 2020-06-14 |
modified | 1976-01-01 |
published | 1976-01-01 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/browser/java_trusted_chain.rb |
title | Java Statement.invoke() Trusted Method Chain Privilege Escalation |
Nessus
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-923-1.NASL description Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user last seen 2020-06-01 modified 2020-06-02 plugin id 45474 published 2010-04-09 reporter Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/45474 title Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : openjdk-6 vulnerabilities (USN-923-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-923-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(45474); script_version("1.24"); script_cvs_date("Date: 2019/09/19 12:54:26"); script_cve_id("CVE-2009-3555", "CVE-2010-0082", "CVE-2010-0084", "CVE-2010-0085", "CVE-2010-0088", "CVE-2010-0091", "CVE-2010-0092", "CVE-2010-0093", "CVE-2010-0094", "CVE-2010-0095", "CVE-2010-0837", "CVE-2010-0838", "CVE-2010-0840", "CVE-2010-0845", "CVE-2010-0847", "CVE-2010-0848"); script_bugtraq_id(36935, 39065, 39069, 39071, 39072, 39075, 39078, 39081, 39085, 39086, 39088, 39089, 39090, 39093, 39094, 39096); script_xref(name:"USN", value:"923-1"); script_name(english:"Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : openjdk-6 vulnerabilities (USN-923-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. (CVE-2009-3555) It was discovered that Loader-constraint table, Policy/PolicyFile, Inflater/Deflater, drag/drop access, and deserialization did not correctly handle certain sensitive objects. If a user were tricked into running a specially crafted applet, private information could be leaked to a remote attacker, leading to a loss of privacy. (CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0094) It was discovered that AtomicReferenceArray, System.arraycopy, InetAddress, and HashAttributeSet did not correctly handle certain situations. If a remote attacker could trigger specific error conditions, a Java application could crash, leading to a denial of service. (CVE-2010-0092, CVE-2010-0093, CVE-2010-0095, CVE-2010-0845) It was discovered that Pack200, CMM readMabCurveData, ImagingLib, and the AWT library did not correctly check buffer lengths. If a user or automated system were tricked into handling specially crafted JAR files or images, a remote attacker could crash the Java application or possibly gain user privileges (CVE-2010-0837, CVE-2010-0838, CVE-2010-0847, CVE-2010-0848). It was discovered that applets did not correctly handle certain trust chains. If a user were tricked into running a specially crafted applet, a remote attacker could possibly run untrusted code with user privileges. (CVE-2010-0840). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/923-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Java Statement.invoke() Trusted Method Chain Privilege Escalation'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(310); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:icedtea-6-jre-cacao"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:icedtea6-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-demo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-headless"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-lib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-zero"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-source"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-source-files"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/11/09"); script_set_attribute(attribute:"patch_publication_date", value:"2010/04/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/04/09"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(8\.04|8\.10|9\.04|9\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04 / 8.10 / 9.04 / 9.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"8.04", pkgname:"openjdk-6-dbg", pkgver:"6b11-2ubuntu2.2")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"openjdk-6-demo", pkgver:"6b11-2ubuntu2.2")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"openjdk-6-doc", pkgver:"6b11-2ubuntu2.2")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"openjdk-6-jdk", pkgver:"6b11-2ubuntu2.2")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"openjdk-6-jre", pkgver:"6b11-2ubuntu2.2")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"openjdk-6-jre-headless", pkgver:"6b11-2ubuntu2.2")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"openjdk-6-jre-lib", pkgver:"6b11-2ubuntu2.2")) flag++; if (ubuntu_check(osver:"8.04", pkgname:"openjdk-6-source", pkgver:"6b11-2ubuntu2.2")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"icedtea6-plugin", pkgver:"6b12-0ubuntu6.7")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"openjdk-6-dbg", pkgver:"6b12-0ubuntu6.7")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"openjdk-6-demo", pkgver:"6b12-0ubuntu6.7")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"openjdk-6-doc", pkgver:"6b12-0ubuntu6.7")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"openjdk-6-jdk", pkgver:"6b12-0ubuntu6.7")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"openjdk-6-jre", pkgver:"6b12-0ubuntu6.7")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"openjdk-6-jre-headless", pkgver:"6b12-0ubuntu6.7")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"openjdk-6-jre-lib", pkgver:"6b12-0ubuntu6.7")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"openjdk-6-source", pkgver:"6b12-0ubuntu6.7")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"openjdk-6-source-files", pkgver:"6b12-0ubuntu6.7")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"icedtea-6-jre-cacao", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"icedtea6-plugin", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"openjdk-6-dbg", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"openjdk-6-demo", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"openjdk-6-doc", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"openjdk-6-jdk", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"openjdk-6-jre", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"openjdk-6-jre-headless", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"openjdk-6-jre-lib", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"openjdk-6-jre-zero", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"openjdk-6-source", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"openjdk-6-source-files", pkgver:"6b14-1.4.1-0ubuntu13")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"icedtea-6-jre-cacao", pkgver:"6b16-1.6.1-3ubuntu3")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"icedtea6-plugin", pkgver:"6b16-1.6.1-3ubuntu3")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"openjdk-6-dbg", pkgver:"6b16-1.6.1-3ubuntu3")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"openjdk-6-demo", pkgver:"6b16-1.6.1-3ubuntu3")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"openjdk-6-doc", pkgver:"6b16-1.6.1-3ubuntu3")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"openjdk-6-jdk", pkgver:"6b16-1.6.1-3ubuntu3")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"openjdk-6-jre", pkgver:"6b16-1.6.1-3ubuntu3")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"openjdk-6-jre-headless", pkgver:"6b16-1.6.1-3ubuntu3")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"openjdk-6-jre-lib", pkgver:"6b16-1.6.1-3ubuntu3")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"openjdk-6-jre-zero", pkgver:"6b16-1.6.1-3ubuntu3")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"openjdk-6-source", pkgver:"6b16-1.6.1-3ubuntu3")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "icedtea-6-jre-cacao / icedtea6-plugin / openjdk-6-dbg / etc"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0339.NASL description Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE) contains the software and tools that users need to run applications written using the Java programming language. A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client last seen 2020-06-01 modified 2020-06-02 plugin id 46295 published 2010-05-11 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46295 title RHEL 5 : java-1.6.0-openjdk (RHSA-2010:0339) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2010:0339. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(46295); script_version ("1.32"); script_cvs_date("Date: 2019/10/25 13:36:15"); script_cve_id("CVE-2009-3555", "CVE-2010-0082", "CVE-2010-0084", "CVE-2010-0085", "CVE-2010-0088", "CVE-2010-0091", "CVE-2010-0092", "CVE-2010-0093", "CVE-2010-0094", "CVE-2010-0095", "CVE-2010-0837", "CVE-2010-0838", "CVE-2010-0840", "CVE-2010-0845", "CVE-2010-0847", "CVE-2010-0848"); script_bugtraq_id(36935, 39065, 39069, 39071, 39072, 39075, 39078, 39081, 39085, 39086, 39088, 39089, 39090, 39093, 39094, 39096); script_xref(name:"RHSA", value:"2010:0339"); script_name(english:"RHEL 5 : java-1.6.0-openjdk (RHSA-2010:0339)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE) contains the software and tools that users need to run applications written using the Java programming language. A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. (CVE-2009-3555) This update disables renegotiation in the Java Secure Socket Extension (JSSE) component. Unsafe renegotiation can be re-enabled using the sun.security.ssl.allowUnsafeRenegotiation property. Refer to the following Knowledgebase article for details: http://kbase.redhat.com/faq/docs/DOC-20491 A number of flaws have been fixed in the Java Virtual Machine (JVM) and in various Java class implementations. These flaws could allow an unsigned applet or application to bypass intended access restrictions. (CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0094) An untrusted applet could access clipboard information if a drag operation was performed over that applet's canvas. This could lead to an information leak. (CVE-2010-0091) The rawIndex operation incorrectly handled large values, causing the corruption of internal memory structures, resulting in an untrusted applet or application crashing. (CVE-2010-0092) The System.arraycopy operation incorrectly handled large index values, potentially causing array corruption in an untrusted applet or application. (CVE-2010-0093) Subclasses of InetAddress may incorrectly interpret network addresses, allowing an untrusted applet or application to bypass network access restrictions. (CVE-2010-0095) In certain cases, type assignments could result in 'non-exact' interface types. This could be used to bypass type-safety restrictions. (CVE-2010-0845) A buffer overflow flaw in LittleCMS (embedded in OpenJDK) could cause an untrusted applet or application using color profiles from untrusted sources to crash. (CVE-2010-0838) An input validation flaw was found in the JRE unpack200 functionality. An untrusted applet or application could use this flaw to elevate its privileges. (CVE-2010-0837) Deferred calls to trusted applet methods could be granted incorrect permissions, allowing an untrusted applet or application to extend its privileges. (CVE-2010-0840) A missing input validation flaw in the JRE could allow an attacker to crash an untrusted applet or application. (CVE-2010-0848) A flaw in Java2D could allow an attacker to execute arbitrary code with the privileges of a user running an untrusted applet or application that uses Java2D. (CVE-2010-0847) Note: The flaws concerning applets in this advisory, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0840, CVE-2010-0847, and CVE-2010-0848, can only be triggered in java-1.6.0-openjdk by calling the 'appletviewer' application. This update also provides three defense in depth patches. (BZ#575745, BZ#575861, BZ#575789) All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2009-3555" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0082" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0084" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0085" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0088" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0091" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0092" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0093" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0094" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0095" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0837" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0838" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0840" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0845" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0847" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0848" ); # http://kbase.redhat.com/faq/docs/DOC-20491 script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/articles/20490" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2010:0339" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Java Statement.invoke() Trusted Method Chain Privilege Escalation'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(310); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-demo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-src"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/11/09"); script_set_attribute(attribute:"patch_publication_date", value:"2010/03/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/05/11"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2010:0339"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.6.0-openjdk-1.6.0.0-1.11.b16.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.6.0-openjdk-1.6.0.0-1.11.b16.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.6.0-openjdk-demo-1.6.0.0-1.11.b16.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.6.0-openjdk-demo-1.6.0.0-1.11.b16.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.6.0-openjdk-devel-1.6.0.0-1.11.b16.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.6.0-openjdk-devel-1.6.0.0-1.11.b16.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.6.0-openjdk-javadoc-1.6.0.0-1.11.b16.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.6.0-openjdk-javadoc-1.6.0.0-1.11.b16.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.6.0-openjdk-src-1.6.0.0-1.11.b16.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.6.0-openjdk-src-1.6.0.0-1.11.b16.el5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc"); } }
NASL family Scientific Linux Local Security Checks NASL id SL_20100331_JAVA__JDK_1_6_0__ON_SL4_X.NASL description CVE-2009-3555 TLS: MITM attacks via session renegotiation CVE-2010-0082 OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217) CVE-2010-0084 OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872) CVE-2010-0085 OpenJDK File TOCTOU deserialization vulnerability (6736390) CVE-2010-0088 OpenJDK Inflater/Deflater clone issues (6745393) CVE-2010-0091 OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703) CVE-2010-0092 OpenJDK AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149) CVE-2010-0093 OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265) CVE-2010-0094 OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947) CVE-2010-0095 OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954) CVE-2010-0845 OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807) CVE-2010-0838 OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653) CVE-2010-0837 OpenJDK JAR last seen 2020-06-01 modified 2020-06-02 plugin id 60777 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60777 title Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(60777); script_version("1.9"); script_cvs_date("Date: 2019/10/25 13:36:18"); script_cve_id("CVE-2009-3555", "CVE-2010-0082", "CVE-2010-0084", "CVE-2010-0085", "CVE-2010-0087", "CVE-2010-0088", "CVE-2010-0089", "CVE-2010-0090", "CVE-2010-0091", "CVE-2010-0092", "CVE-2010-0093", "CVE-2010-0094", "CVE-2010-0095", "CVE-2010-0837", "CVE-2010-0838", "CVE-2010-0839", "CVE-2010-0840", "CVE-2010-0841", "CVE-2010-0842", "CVE-2010-0843", "CVE-2010-0844", "CVE-2010-0845", "CVE-2010-0846", "CVE-2010-0847", "CVE-2010-0848", "CVE-2010-0849"); script_name(english:"Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "CVE-2009-3555 TLS: MITM attacks via session renegotiation CVE-2010-0082 OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217) CVE-2010-0084 OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872) CVE-2010-0085 OpenJDK File TOCTOU deserialization vulnerability (6736390) CVE-2010-0088 OpenJDK Inflater/Deflater clone issues (6745393) CVE-2010-0091 OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703) CVE-2010-0092 OpenJDK AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149) CVE-2010-0093 OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265) CVE-2010-0094 OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947) CVE-2010-0095 OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954) CVE-2010-0845 OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807) CVE-2010-0838 OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653) CVE-2010-0837 OpenJDK JAR 'unpack200' must verify input parameters (6902299) CVE-2010-0840 OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691) CVE-2010-0841 OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597) CVE-2010-0848 OpenJDK AWT Library Invalid Index Vulnerability (6914823) CVE-2010-0847 OpenJDK ImagingLib arbitrary code execution vulnerability (6914866) CVE-2010-0846 JDK unspecified vulnerability in ImageIO component CVE-2010-0849 JDK unspecified vulnerability in Java2D component CVE-2010-0087 JDK unspecified vulnerability in JWS/Plugin component CVE-2010-0839 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 JDK multiple unspecified vulnerabilities CVE-2010-0090 JDK unspecified vulnerability in JavaWS/Plugin component CVE-2010-0089 JDK unspecified vulnerability in JavaWS/Plugin component This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the 'Oracle Java SE and Java for Business Critical Patch Update Advisory' page, listed in the References section. (CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849) For the CVE-2009-3555 issue, this update disables renegotiation in the Java Secure Socket Extension (JSSE) component. Unsafe renegotiation can be re-enabled using the sun.security.ssl.allowUnsafeRenegotiation property. All running instances of Sun Java must be restarted for the update to take effect." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1004&L=scientific-linux-errata&T=0&P=1274 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?30226ac8" ); script_set_attribute( attribute:"solution", value:"Update the affected java-1.6.0-sun-compat and / or jdk packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Java MixerSequencer Object GM_Song Structure Handling Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(310); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/11/09"); script_set_attribute(attribute:"patch_publication_date", value:"2010/03/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL4", reference:"java-1.6.0-sun-compat-1.6.0.19-1.sl4.jpp")) flag++; if (rpm_check(release:"SL4", reference:"jdk-1.6.0_19-fcs")) flag++; if (rpm_check(release:"SL5", reference:"java-1.6.0-sun-compat-1.6.0.19-1.sl5.jpp")) flag++; if (rpm_check(release:"SL5", reference:"jdk-1.6.0_19-fcs")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_11_JAVA-1_6_0-IBM-100525.NASL description This update of IBM Java 6 to Service Request 8 to fixes the following security issues : - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0084) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0085) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0087) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0088) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors. (CVE-2010-0089) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18 allows remote attackers to affect integrity and availability via unknown vectors. (CVE-2010-0090) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0091) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0092) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the class loader of a constructor that is being deserialized. (CVE-2010-0094) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0095) - Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0837) - Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module of the JVM. (CVE-2010-0838) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.1 27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0839) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) last seen 2020-06-01 modified 2020-06-02 plugin id 51606 published 2011-01-21 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51606 title SuSE 11.1 Security Update : IBM Java 6 (SAT Patch Number 2553) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(51606); script_version("1.14"); script_cvs_date("Date: 2019/10/25 13:36:39"); script_cve_id("CVE-2010-0084", "CVE-2010-0085", "CVE-2010-0087", "CVE-2010-0088", "CVE-2010-0089", "CVE-2010-0090", "CVE-2010-0091", "CVE-2010-0092", "CVE-2010-0094", "CVE-2010-0095", "CVE-2010-0837", "CVE-2010-0838", "CVE-2010-0839", "CVE-2010-0840", "CVE-2010-0841", "CVE-2010-0842", "CVE-2010-0843", "CVE-2010-0844", "CVE-2010-0846", "CVE-2010-0847", "CVE-2010-0848", "CVE-2010-0849"); script_name(english:"SuSE 11.1 Security Update : IBM Java 6 (SAT Patch Number 2553)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update of IBM Java 6 to Service Request 8 to fixes the following security issues : - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0084) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0085) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0087) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0088) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors. (CVE-2010-0089) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18 allows remote attackers to affect integrity and availability via unknown vectors. (CVE-2010-0090) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0091) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0092) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the class loader of a constructor that is being deserialized. (CVE-2010-0094) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0095) - Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0837) - Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module of the JVM. (CVE-2010-0838) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.1 27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0839) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) 'a similar trust issue with interfaces,' aka 'Trusted Methods Chaining Remote Code Execution Vulnerability.'. (CVE-2010-0840) - Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and 'stepX'. (CVE-2010-0841) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.1 27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure. (CVE-2010-0842) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.1 27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code. (CVE-2010-0843) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.1 27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is for improper parsing of a crafted MIDI stream when creating a MixerSequencer object, which causes a pointer to be corrupted and allows a NULL byte to be written to arbitrary memory. (CVE-2010-0844) - Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an 'invalid assignment' and inconsistent length values in a JPEG image encoder (JPEGImageEncoderImpl). (CVE-2010-0846) - Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image. (CVE-2010-0847) - Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0848) - Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via a crafted JPEG image. (CVE-2010-0849) Please also see http://www.ibm.com/developerworks/java/jdk/alerts/ for a more up to date list on what was fixed." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=603283" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0084.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0085.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0087.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0088.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0089.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0090.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0091.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0092.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0094.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0095.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0837.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0838.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0839.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0840.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0841.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0842.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0843.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0844.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0846.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0847.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0848.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0849.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 2553."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Java MixerSequencer Object GM_Song Structure Handling Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-alsa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-fonts"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-jdbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-plugin"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2010/05/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1"); flag = 0; if (rpm_check(release:"SLES11", sp:1, reference:"java-1_6_0-ibm-1.6.0_sr8.0-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"java-1_6_0-ibm-fonts-1.6.0_sr8.0-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:1, reference:"java-1_6_0-ibm-jdbc-1.6.0_sr8.0-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"java-1_6_0-ibm-alsa-1.6.0_sr8.0-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"java-1_6_0-ibm-plugin-1.6.0_sr8.0-0.7.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_11_1_JAVA-1_6_0-OPENJDK-100428.NASL description java-1_6_0-openjdk version 1.7.3 fixes serveral security issues : - CVE-2010-0837: JAR last seen 2020-06-01 modified 2020-06-02 plugin id 46189 published 2010-04-30 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46189 title openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update java-1_6_0-openjdk-2362. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(46189); script_version("1.15"); script_cvs_date("Date: 2019/10/25 13:36:38"); script_cve_id("CVE-2009-3555", "CVE-2010-0082", "CVE-2010-0084", "CVE-2010-0085", "CVE-2010-0088", "CVE-2010-0091", "CVE-2010-0092", "CVE-2010-0093", "CVE-2010-0094", "CVE-2010-0095", "CVE-2010-0837", "CVE-2010-0838", "CVE-2010-0840", "CVE-2010-0845", "CVE-2010-0847", "CVE-2010-0848"); script_name(english:"openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1)"); script_summary(english:"Check for the java-1_6_0-openjdk-2362 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "java-1_6_0-openjdk version 1.7.3 fixes serveral security issues : - CVE-2010-0837: JAR 'unpack200' must verify input parameters - CVE-2010-0845: No ClassCastException for HashAttributeSet constructors if run with -Xcomp - CVE-2010-0838: CMM readMabCurveData Buffer Overflow Vulnerability - CVE-2010-0082: Loader-constraint table allows arrays instead of only the base-classes - CVE-2010-0095: Subclasses of InetAddress may incorrectly interpret network addresses - CVE-2010-0085: File TOCTOU deserialization vulnerability - CVE-2010-0091: Unsigned applet can retrieve the dragged information before drop action occurs - CVE-2010-0088: Inflater/Deflater clone issues - CVE-2010-0084: Policy/PolicyFile leak dynamic ProtectionDomains. - CVE-2010-0092: AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error - CVE-2010-0094: Deserialization of RMIConnectionImpl objects should enforce stricter checks - CVE-2010-0093: System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes - CVE-2010-0840: Applet Trusted Methods Chaining Privilege Escalation Vulnerability - CVE-2010-0848: AWT Library Invalid Index Vulnerability - CVE-2010-0847: ImagingLib arbitrary code execution vulnerability - CVE-2009-3555: TLS: MITM attacks via session renegotiation" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=594415" ); script_set_attribute( attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2010-04/msg00090.html" ); script_set_attribute( attribute:"solution", value:"Update the affected java-1_6_0-openjdk packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Java Statement.invoke() Trusted Method Chain Privilege Escalation'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(310); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-src"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1"); script_set_attribute(attribute:"patch_publication_date", value:"2010/04/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/04/30"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-1.6.0.0_b17-2.3.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-demo-1.6.0.0_b17-2.3.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-devel-1.6.0.0_b17-2.3.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-javadoc-1.6.0.0_b17-2.3.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-plugin-1.6.0.0_b17-2.3.1") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-src-1.6.0.0_b17-2.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1_6_0-openjdk / java-1_6_0-openjdk-demo / etc"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0489.NASL description Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM last seen 2020-06-01 modified 2020-06-02 plugin id 47043 published 2010-06-18 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47043 title RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2010:0489) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2010:0489. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(47043); script_version ("1.36"); script_cvs_date("Date: 2019/10/25 13:36:15"); script_cve_id("CVE-2010-0840", "CVE-2010-0841", "CVE-2010-0842", "CVE-2010-0843", "CVE-2010-0844", "CVE-2010-0846", "CVE-2010-0847", "CVE-2010-0848", "CVE-2010-0849"); script_bugtraq_id(39062, 39065, 39067, 39071, 39073, 39077, 39078, 39083, 39084); script_xref(name:"RHSA", value:"2010:0489"); script_name(english:"RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2010:0489)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM 'Security alerts' page, listed in the References section. (CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849) All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.5.0 SR11-FP2 Java release. All running instances of IBM Java must be restarted for this update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0840" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0841" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0842" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0843" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0844" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0846" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0847" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0848" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2010-0849" ); # http://www.ibm.com/developerworks/java/jdk/alerts/ script_set_attribute( attribute:"see_also", value:"https://developer.ibm.com/javasdk/support/security-vulnerabilities/" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2010:0489" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Java MixerSequencer Object GM_Song Structure Handling Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-accessibility"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-demo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-javacomm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-jdbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-plugin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-src"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.4"); script_set_attribute(attribute:"vuln_publication_date", value:"2010/04/01"); script_set_attribute(attribute:"patch_publication_date", value:"2010/06/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/06/18"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x / 5.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2010:0489"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL4", reference:"java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el4")) flag++; if (rpm_check(release:"RHEL4", reference:"java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el4")) flag++; if (rpm_check(release:"RHEL4", reference:"java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el4")) flag++; if (rpm_check(release:"RHEL4", cpu:"i386", reference:"java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4")) flag++; if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el4")) flag++; if (rpm_check(release:"RHEL4", cpu:"i386", reference:"java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el4")) flag++; if (rpm_check(release:"RHEL4", cpu:"s390", reference:"java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el4")) flag++; if (rpm_check(release:"RHEL4", cpu:"i386", reference:"java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el4")) flag++; if (rpm_check(release:"RHEL4", reference:"java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el4")) flag++; if (rpm_check(release:"RHEL5", reference:"java-1.5.0-ibm-1.5.0.11.2-1jpp.1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.5.0-ibm-accessibility-1.5.0.11.2-1jpp.1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"java-1.5.0-ibm-accessibility-1.5.0.11.2-1jpp.1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.5.0-ibm-accessibility-1.5.0.11.2-1jpp.1.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"java-1.5.0-ibm-demo-1.5.0.11.2-1jpp.1.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"java-1.5.0-ibm-devel-1.5.0.11.2-1jpp.1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.5.0-ibm-javacomm-1.5.0.11.2-1jpp.1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390", reference:"java-1.5.0-ibm-jdbc-1.5.0.11.2-1jpp.1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.5.0-ibm-plugin-1.5.0.11.2-1jpp.1.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"java-1.5.0-ibm-src-1.5.0.11.2-1jpp.1.el5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.5.0-ibm / java-1.5.0-ibm-accessibility / java-1.5.0-ibm-demo / etc"); } }
NASL family SuSE Local Security Checks NASL id SUSE9_12626.NASL description This update brings IBM Java 1.4.2 to SR13 FP5, fixing various bugs and security issues : - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0084) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0085) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0087) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0088) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors. (CVE-2010-0089) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0091) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0095) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0839) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) last seen 2020-06-01 modified 2020-06-02 plugin id 49101 published 2010-09-03 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/49101 title SuSE9 Security Update : IBM Java (YOU Patch Number 12626) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(49101); script_version("1.15"); script_cvs_date("Date: 2019/10/25 13:36:37"); script_cve_id("CVE-2010-0084", "CVE-2010-0085", "CVE-2010-0087", "CVE-2010-0088", "CVE-2010-0089", "CVE-2010-0091", "CVE-2010-0095", "CVE-2010-0839", "CVE-2010-0840", "CVE-2010-0841", "CVE-2010-0842", "CVE-2010-0843", "CVE-2010-0844", "CVE-2010-0846", "CVE-2010-0847", "CVE-2010-0848", "CVE-2010-0849"); script_name(english:"SuSE9 Security Update : IBM Java (YOU Patch Number 12626)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 9 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This update brings IBM Java 1.4.2 to SR13 FP5, fixing various bugs and security issues : - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0084) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0085) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0087) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0088) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors. (CVE-2010-0089) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0091) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0095) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0839) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) 'a similar trust issue with interfaces,' aka 'Trusted Methods Chaining Remote Code Execution Vulnerability.'. (CVE-2010-0840) - Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and 'stepX'. (CVE-2010-0841) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure. (CVE-2010-0842) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code. (CVE-2010-0843) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is for improper parsing of a crafted MIDI stream when creating a MixerSequencer object, which causes a pointer to be corrupted and allows a NULL byte to be written to arbitrary memory. (CVE-2010-0844) - Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an 'invalid assignment' and inconsistent length values in a JPEG image encoder (JPEGImageEncoderImpl). (CVE-2010-0846) - Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image. (CVE-2010-0847) - Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0848) - Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via a crafted JPEG image. (CVE-2010-0849)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0084.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0085.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0087.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0088.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0089.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0091.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0095.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0839.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0840.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0841.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0842.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0843.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0844.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0846.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0847.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0848.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2010-0849.html" ); script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12626."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Java MixerSequencer Object GM_Song Structure Handling Vulnerability'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2010/07/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SUSE9", reference:"IBMJava2-JRE-1.4.2_sr13.5-0.7")) flag++; if (rpm_check(release:"SUSE9", reference:"IBMJava2-SDK-1.4.2_sr13.5-0.7")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0383.NASL description Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. These vulnerabilities are summarized on the IBM last seen 2020-06-01 modified 2020-06-02 plugin id 46304 published 2010-05-11 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46304 title RHEL 4 / 5 : java-1.6.0-ibm (RHSA-2010:0383) NASL family Fedora Local Security Checks NASL id FEDORA_2010-6039.NASL description Add latest security patches. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47411 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47411 title Fedora 11 : java-1.6.0-openjdk-1.6.0.0-34.b17.fc11 (2010-6039) NASL family MacOS X Local Security Checks NASL id MACOSX_JAVA_10_5_UPDATE7.NASL description The remote Mac OS X host is running a version of Java for Mac OS X 10.5 that is missing Update 7. The remote version of this software contains several security vulnerabilities, including some that may allow untrusted Java applets to obtain elevated privileges and lead to execution of arbitrary code with the privileges of the current user. last seen 2020-03-18 modified 2010-05-19 plugin id 46673 published 2010-05-19 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/46673 title Mac OS X : Java for Mac OS X 10.5 Update 7 NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0339.NASL description Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE) contains the software and tools that users need to run applications written using the Java programming language. A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client last seen 2020-06-01 modified 2020-06-02 plugin id 46873 published 2010-06-14 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46873 title CentOS 5 : java-1.6.0-openjdk (CESA-2010:0339) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0337.NASL description Updated java-1.6.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the last seen 2020-06-01 modified 2020-06-02 plugin id 46293 published 2010-05-11 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46293 title RHEL 4 / 5 : java-1.6.0-sun (RHSA-2010:0337) NASL family VMware ESX Local Security Checks NASL id VMWARE_VMSA-2011-0003.NASL description a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3 Microsoft SQL Server 2005 Express Edition (SQL Express) distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to SQL Express Service Pack 3, to address multiple security issues that exist in the earlier releases of Microsoft SQL Express. Customers using other database solutions need not update for these issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086, CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL Express Service Pack 3. b. vCenter Apache Tomcat Management Application Credential Disclosure The Apache Tomcat Manager application configuration file contains logon credentials that can be read by unprivileged local users. The issue is resolved by removing the Manager application in vCenter 4.1 Update 1. If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon credentials are not present in the configuration file after the update. VMware would like to thank Claudio Criscione of Secure Networking for reporting this issue to us. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-2928 to this issue. c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21 Oracle (Sun) JRE update to version 1.6.0_21, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849, CVE-2010-0850. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following name to the security issue fixed in Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886. d. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26 Oracle (Sun) JRE update to version 1.5.0_26, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566, CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573, CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555, CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562, CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572, CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541, CVE-2010-3574. e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28 Apache Tomcat updated to version 6.0.28, which addresses multiple security issues that existed in earlier releases of Apache Tomcat The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i and CVE-2009-3548. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157. f. vCenter Server third-party component OpenSSL updated to version 0.9.8n The version of the OpenSSL library in vCenter Server is updated to 0.9.8n. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0740 and CVE-2010-0433 to the issues addressed in this version of OpenSSL. g. ESX third-party component OpenSSL updated to version 0.9.8p The version of the ESX OpenSSL library is updated to 0.9.8p. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3864 and CVE-2010-2939 to the issues addressed in this update. h. ESXi third-party component cURL updated The version of cURL library in ESXi is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0734 to the issues addressed in this update. i. ESX third-party component pam_krb5 updated The version of pam_krb5 library is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-3825 and CVE-2009-1384 to the issues addressed in the update. j. ESX third-party update for Service Console kernel The Service Console kernel is updated to include kernel version 2.6.18-194.11.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070, CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524, CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308, CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086, CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291, CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437, CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and CVE-2010-3081 to the issues addressed in the update. Notes : - The update also addresses the 64-bit compatibility mode stack pointer underflow issue identified by CVE-2010-3081. This issue was patched in an ESX 4.1 patch prior to the release of ESX 4.1 Update 1 and in a previous ESX 4.0 patch release. - The update also addresses CVE-2010-2240 for ESX 4.0. last seen 2020-06-01 modified 2020-06-02 plugin id 51971 published 2011-02-14 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51971 title VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0471.NASL description Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Network Satellite Server 5.3. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.3. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment. (CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0846, CVE-2010-0848, CVE-2010-0849) Users of Red Hat Network Satellite Server 5.3 are advised to upgrade to these updated java-1.6.0-ibm packages, which resolve these issues. For this update to take effect, Red Hat Network Satellite Server must be restarted ( last seen 2020-06-01 modified 2020-06-02 plugin id 47017 published 2010-06-15 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47017 title RHEL 4 / 5 : IBM Java Runtime in Satellite Server (RHSA-2010:0471) NASL family SuSE Local Security Checks NASL id SUSE_11_JAVA-1_4_2-IBM-100728.NASL description This update brings IBM Java 1.4.2 to SR13 FP5, fixing various bugs and security issues : - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0084) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0085) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0087) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0088) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors. (CVE-2010-0089) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0091) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0095) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0839) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) last seen 2020-06-01 modified 2020-06-02 plugin id 50915 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50915 title SuSE 11 / 11.1 Security Update : IBM Java / Java (SAT Patch Numbers 2812 / 2813) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0339.NASL description From Red Hat Security Advisory 2010:0339 : Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE) contains the software and tools that users need to run applications written using the Java programming language. A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client last seen 2020-06-01 modified 2020-06-02 plugin id 68028 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68028 title Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2010-0339) NASL family SuSE Local Security Checks NASL id SUSE_11_0_JAVA-1_6_0-OPENJDK-100428.NASL description java-1_6_0-openjdk version 1.7.3 fixes serveral security issues : - CVE-2010-0837: JAR last seen 2020-06-01 modified 2020-06-02 plugin id 46187 published 2010-04-30 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46187 title openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1) NASL family Misc. NASL id ORACLE_JAVA_CPU_MAR_2010_UNIX.NASL description The version of Oracle (formerly Sun) Java Runtime Environment (JRE) installed on the remote host is earlier than 6 Update 19 / 5.0 Update 24 / 1.4.2_26. Such versions are potentially affected by security issues in the following components : - ImageIO - Java 2D - JRE - Java Web Start, Java Plug-in - Pack200 - Sound - JSSE - HotSpot Server last seen 2020-06-01 modified 2020-06-02 plugin id 64842 published 2013-02-22 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/64842 title Oracle Java SE Multiple Vulnerabilities (March 2010 CPU) (Unix) NASL family SuSE Local Security Checks NASL id SUSE_11_0_JAVA-1_6_0-SUN-100331.NASL description Sun Java 6 was updated to Update 19, fixing a large number of security issues. CVE-2009-3555 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0090 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0845 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 CVE-2010-0850 last seen 2020-06-01 modified 2020-06-02 plugin id 45454 published 2010-04-09 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/45454 title openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-2228) NASL family SuSE Local Security Checks NASL id SUSE_11_JAVA-1_6_0-SUN-100331.NASL description Sun Java 6 was updated to Update 19, fixing a large number of security issues: CVE-2009-3555 / CVE-2010-0082 / CVE-2010-0084 / CVE-2010-0085 / CVE-2010-0087 / CVE-2010-0088 / CVE-2010-0089 / CVE-2010-0090 / CVE-2010-0091 / CVE-2010-0092 / CVE-2010-0093 / CVE-2010-0094 / CVE-2010-0095 / CVE-2010-0837 / CVE-2010-0838 / CVE-2010-0839 / CVE-2010-0840 / CVE-2010-0841 / CVE-2010-0842 / CVE-2010-0843 / CVE-2010-0844 / CVE-2010-0845 / CVE-2010-0846 / CVE-2010-0847 / CVE-2010-0848 / CVE-2010-0849 / CVE-2010-0850. last seen 2020-06-01 modified 2020-06-02 plugin id 50917 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50917 title SuSE 11 Security Update : Sun Java 6 (SAT Patch Number 2225) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201006-18.NASL description The remote host is affected by the vulnerability described in GLSA-201006-18 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below and the associated Oracle Critical Patch Update Advisory for details. Impact : A remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 46807 published 2010-06-04 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/46807 title GLSA-201006-18 : Oracle JRE/JDK: Multiple vulnerabilities NASL family Scientific Linux Local Security Checks NASL id SL_20100331_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL description A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client last seen 2020-06-01 modified 2020-06-02 plugin id 60776 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60776 title Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64 NASL family SuSE Local Security Checks NASL id SUSE_11_1_JAVA-1_6_0-SUN-100331.NASL description Sun Java 6 was updated to Update 19, fixing a large number of security issues. CVE-2009-3555 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0090 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0845 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 CVE-2010-0850 last seen 2020-06-01 modified 2020-06-02 plugin id 45459 published 2010-04-09 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/45459 title openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-2228) NASL family Misc. NASL id VMWARE_VMSA-2011-0003_REMOTE.NASL description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party components and libraries : - Apache Tomcat - Apache Tomcat Manager - cURL - Java Runtime Environment (JRE) - Kernel - Microsoft SQL Express - OpenSSL - pam_krb5 last seen 2020-06-01 modified 2020-06-02 plugin id 89674 published 2016-03-04 reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/89674 title VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0003) (remote check) NASL family Fedora Local Security Checks NASL id FEDORA_2010-6279.NASL description Add latest security updates. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47426 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47426 title Fedora 13 : java-1.6.0-openjdk-1.6.0.0-37.b17.fc13 (2010-6279) NASL family SuSE Local Security Checks NASL id SUSE_JAVA-1_5_0-IBM-7077.NASL description This update of IBM Java 1.5.0 to SR11 FP2 to fixes the following security issues : - Various unspecified and undocumented vulnerabilities that allows remote attackers to affect confidentiality, integrity and availability via various unknown vectors. (CVE-2010-0084 / CVE-2010-0085 / CVE-2010-0087 / CVE-2010-0088 / CVE-2010-0089 / CVE-2010-0091 / CVE-2010-0092 / CVE-2010-0095 / CVE-2010-0837 / CVE-2010-0839) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the class loader of a constructor that is being deserialized. (CVE-2010-0094) - Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module of the JVM. (CVE-2010-0838) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) last seen 2020-06-01 modified 2020-06-02 plugin id 49864 published 2010-10-11 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/49864 title SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 7077) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0574.NASL description Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The IBM 1.4.2 SR13-FP5 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. These vulnerabilities are summarized on the IBM last seen 2020-06-01 modified 2020-06-02 plugin id 47905 published 2010-07-30 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47905 title RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2010:0574) NASL family Windows NASL id ORACLE_JAVA_CPU_MAR_2010.NASL description The version of Oracle (formerly Sun) Java Runtime Environment (JRE) installed on the remote host is earlier than 6 Update 19 / 5.0 Update 24 / 1.4.2_26. Such versions are potentially affected by security issues in the following components : - ImageIO - Java 2D - JRE - Java Web Start, Java Plug-in - Pack200 - Sound - JSSE - HotSpot Server last seen 2020-06-01 modified 2020-06-02 plugin id 45379 published 2010-03-30 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/45379 title Oracle Java SE Multiple Vulnerabilities (March 2010 CPU) NASL family SuSE Local Security Checks NASL id SUSE_11_JAVA-1_6_0-IBM-100610.NASL description This update of IBM Java 6 to SR 8 to fixes the following security issues : - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0084) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0085) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0087) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0088) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors. (CVE-2010-0089) - Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18 allows remote attackers to affect integrity and availability via unknown vectors. (CVE-2010-0090) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors. (CVE-2010-0091) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0092) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the class loader of a constructor that is being deserialized. (CVE-2010-0094) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0095) - Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0837) - Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module of the JVM. (CVE-2010-0838) - Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.1 27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2010-0839) - Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) last seen 2020-06-01 modified 2020-06-02 plugin id 50916 published 2010-12-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/50916 title SuSE 11 Security Update : IBM Java 6 (SAT Patch Number 2548) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0338.NASL description The java-1.5.0-sun packages as shipped in Red Hat Enterprise Linux 4 Extras and 5 Supplementary contain security flaws and should not be used. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Sun 1.5.0 Java release includes the Sun Java 5 Runtime Environment and the Sun Java 5 Software Development Kit. The java-1.5.0-sun packages are vulnerable to a number of security flaws and should no longer be used. (CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849) The Sun Java SE Release family 5.0 reached its End of Service Life on November 3, 2009. The RHSA-2009:1571 update provided the final publicly available update of version 5.0 (Update 22). Users interested in continuing to receive critical fixes for Sun Java SE 5.0 should contact Oracle : http://www.sun.com/software/javaforbusiness/index.jsp An alternative to Sun Java SE 5.0 is the Java 2 Technology Edition of the IBM Developer Kit for Linux, which is available from the Extras and Supplementary channels on the Red Hat Network. Applications capable of using the Java 6 runtime can be migrated to Java 6 on: OpenJDK (java-1.6.0-openjdk), an open source JDK included in Red Hat Enterprise Linux 5, since 5.3; the IBM JDK, java-1.6.0-ibm; or the Sun JDK, java-1.6.0-sun. This update removes the java-1.5.0-sun packages as they have reached their End of Service Life. last seen 2020-06-01 modified 2020-06-02 plugin id 46294 published 2010-05-11 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46294 title RHEL 4 / 5 : java-1.5.0-sun (RHSA-2010:0338) NASL family SuSE Local Security Checks NASL id SUSE_11_2_JAVA-1_6_0-SUN-100331.NASL description Sun Java 6 was updated to Update 19, fixing a large number of security issues. CVE-2009-3555 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0090 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0845 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 CVE-2010-0850 last seen 2020-06-01 modified 2020-06-02 plugin id 45465 published 2010-04-09 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/45465 title openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-2228) NASL family SuSE Local Security Checks NASL id SUSE9_12623.NASL description This update of IBM Java 1.5.0 to SR11 FP2 to fixes the following security issues : - Various unspecified and undocumented vulnerabilities that allows remote attackers to affect confidentiality, integrity and availability via various unknown vectors. (CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0091, CVE-2010-0092, CVE-2010-0095, CVE-2010-0837, CVE-2010-0839) - Unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the class loader of a constructor that is being deserialized. (CVE-2010-0094) - Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module of the JVM. (CVE-2010-0838) - Unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) last seen 2020-06-01 modified 2020-06-02 plugin id 47617 published 2010-07-07 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47617 title SuSE9 Security Update : IBM Java 1.5.0 (YOU Patch Number 12623) NASL family MacOS X Local Security Checks NASL id MACOSX_JAVA_10_6_UPDATE2.NASL description The remote Mac OS X host is running a version of Java for Mac OS X 10.6 that is missing Update 2. The remote version of this software contains several security vulnerabilities, including some that may allow untrusted Java applets to obtain elevated privileges and lead to execution of arbitrary code with the privileges of the current user. last seen 2020-03-18 modified 2010-05-19 plugin id 46674 published 2010-05-19 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/46674 title Mac OS X : Java for Mac OS X 10.6 Update 2 NASL family SuSE Local Security Checks NASL id SUSE_11_2_JAVA-1_6_0-OPENJDK-100412.NASL description java-1_6_0-openjdk version 1.7.3 fixes serveral security issues : - CVE-2010-0837: JAR last seen 2020-06-01 modified 2020-06-02 plugin id 46191 published 2010-04-30 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46191 title openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-084.NASL description Multiple Java OpenJDK security vulnerabilities has been identified and fixed : - TLS: MITM attacks via session renegotiation (CVE-2009-3555). - Loader-constraint table allows arrays instead of only the b ase-classes (CVE-2010-0082). - Policy/PolicyFile leak dynamic ProtectionDomains. (CVE-2010-0084). - File TOCTOU deserialization vulnerability (CVE-2010-0085). - Inflater/Deflater clone issues (CVE-2010-0088). - Unsigned applet can retrieve the dragged information before drop action occurs (CVE-2010-0091). - AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (CVE-2010-0092). - System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (CVE-2010-0093). - Deserialization of RMIConnectionImpl objects should enforce stricter checks (CVE-2010-0094). - Subclasses of InetAddress may incorrectly interpret network addresses (CVE-2010-0095). - JAR unpack200 must verify input parameters (CVE-2010-0837). - CMM readMabCurveData Buffer Overflow Vulnerability (CVE-2010-0838). - Applet Trusted Methods Chaining Privilege Escalation Vulnerability (CVE-2010-0840). - No ClassCastException for HashAttributeSet constructors if run with -Xcomp (CVE-2010-0845) - ImagingLib arbitrary code execution vulnerability (CVE-2010-0847). - AWT Library Invalid Index Vulnerability (CVE-2010-0848). Additional security issues that was fixed with IcedTea6 1.6.2 : - deprecate MD2 in SSL cert validation (CVE-2009-2409). - ICC_Profile file existence detection information leak (CVE-2009-3728). - JRE AWT setDifflCM stack overflow (CVE-2009-3869). - JRE AWT setBytePixels heap overflow (CVE-2009-3871). - JPEG Image Writer quantization problem (CVE-2009-3873). - ImageI/O JPEG heap overflow (CVE-2009-3874). - MessageDigest.isEqual introduces timing attack vulnerabilities (CVE-2009-3875). - OpenJDK ASN.1/DER input stream parser denial of service (CVE-2009-3876, CVE-2009-3877) - GraphicsConfiguration information leak (CVE-2009-3879). - UI logging information leakage (CVE-2009-3880). - resurrected classloaders can still have children (CVE-2009-3881). - Numerous static security flaws in Swing (findbugs) (CVE-2009-3882). - Mutable statics in Windows PL&F (findbugs) (CVE-2009-3883). - zoneinfo file existence information leak (CVE-2009-3884). - BMP parsing DoS with UNC ICC links (CVE-2009-3885). Additionally Paulo Cesar Pereira de Andrade (pcpa) at Mandriva found and fixed a bug in IcedTea6 1.8 that is also applied to the provided packages : - plugin/icedteanp/IcedTeaNPPlugin.cc (plugin_filter_environment): Increment malloc size by one to account for NULL terminator. Bug# 474. Packages for 2009.0 are provided due to the Extended Maintenance Program. last seen 2020-06-01 modified 2020-06-02 plugin id 46176 published 2010-04-29 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/46176 title Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2010:084) NASL family SuSE Local Security Checks NASL id SUSE_JAVA-1_4_2-IBM-7106.NASL description This update brings IBM Java 1.4.2 to SR13 FP5, fixing various bugs and last seen 2020-06-01 modified 2020-06-02 plugin id 49862 published 2010-10-11 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/49862 title SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7106) NASL family Fedora Local Security Checks NASL id FEDORA_2010-6025.NASL description Add latest security updates. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47410 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47410 title Fedora 12 : java-1.6.0-openjdk-1.6.0.0-37.b17.fc12 (2010-6025)
Oval
accepted 2015-03-23T04:00:33.787-04:00 class vulnerability contributors name Aharon Chernin organization DTCC name Dragos Prisaca organization G2, Inc. name Maria Mikhno organization ALTX-SOFT name Maria Mikhno organization ALTX-SOFT
definition_extensions comment Java SE Development Kit 6 is installed oval oval:org.mitre.oval:def:15831 comment Java SE Runtime Environment 6 is installed oval oval:org.mitre.oval:def:16362 comment Java SE Runtime Environment 5 is installed oval oval:org.mitre.oval:def:15748 comment Java SE Development Kit 5 is installed oval oval:org.mitre.oval:def:16292
description Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability." family windows id oval:org.mitre.oval:def:13971 status accepted submitted 2011-11-25T18:03:41.000-05:00 title Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability." version 11 accepted 2013-04-29T04:23:48.590-04:00 class vulnerability contributors name Aharon Chernin organization SCAP.com, LLC name Dragos Prisaca organization G2, Inc.
definition_extensions comment The operating system installed on the system is Red Hat Enterprise Linux 5 oval oval:org.mitre.oval:def:11414 comment The operating system installed on the system is CentOS Linux 5.x oval oval:org.mitre.oval:def:15802 comment Oracle Linux 5.x oval oval:org.mitre.oval:def:15459
description Remote Code Execution Vulnerability." family unix id oval:org.mitre.oval:def:9974 status accepted submitted 2010-07-09T03:56:16-04:00 title Remote Code Execution Vulnerability." version 18
Packetstorm
data source | https://packetstormsecurity.com/files/download/92972/java_trusted_chain.rb.txt |
id | PACKETSTORM:92972 |
last seen | 2016-12-05 |
published | 2010-08-24 |
reporter | egypt |
source | https://packetstormsecurity.com/files/92972/Java-Statement.invoke-Trusted-Method-Chain-Exploit.html |
title | Java Statement.invoke() Trusted Method Chain Exploit |
Redhat
advisories |
| ||||||||||||||||||||||||
rpms |
|
Seebug
bulletinFamily | exploit |
description | No description provided by source. |
id | SSV:70815 |
last seen | 2017-11-19 |
modified | 2014-07-01 |
published | 2014-07-01 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-70815 |
title | Java Statement.invoke() Trusted Method Chain Exploit |
References
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
- http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
- http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
- http://lists.apple.com/archives/security-announce/2010//May/msg00002.html
- http://lists.apple.com/archives/security-announce/2010//May/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
- http://marc.info/?l=bugtraq&m=127557596201693&w=2
- http://marc.info/?l=bugtraq&m=127557596201693&w=2
- http://marc.info/?l=bugtraq&m=127557596201693&w=2
- http://marc.info/?l=bugtraq&m=127557596201693&w=2
- http://marc.info/?l=bugtraq&m=134254866602253&w=2
- http://marc.info/?l=bugtraq&m=134254866602253&w=2
- http://secunia.com/advisories/39292
- http://secunia.com/advisories/39292
- http://secunia.com/advisories/39317
- http://secunia.com/advisories/39317
- http://secunia.com/advisories/39659
- http://secunia.com/advisories/39659
- http://secunia.com/advisories/39819
- http://secunia.com/advisories/39819
- http://secunia.com/advisories/40211
- http://secunia.com/advisories/40211
- http://secunia.com/advisories/40545
- http://secunia.com/advisories/40545
- http://secunia.com/advisories/43308
- http://secunia.com/advisories/43308
- http://support.apple.com/kb/HT4170
- http://support.apple.com/kb/HT4170
- http://support.apple.com/kb/HT4171
- http://support.apple.com/kb/HT4171
- http://ubuntu.com/usn/usn-923-1
- http://ubuntu.com/usn/usn-923-1
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
- http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
- http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html
- http://www.oracle.com/technetwork/topics/security/javacpumar2010-083341.html
- http://www.redhat.com/support/errata/RHSA-2010-0337.html
- http://www.redhat.com/support/errata/RHSA-2010-0337.html
- http://www.redhat.com/support/errata/RHSA-2010-0338.html
- http://www.redhat.com/support/errata/RHSA-2010-0338.html
- http://www.redhat.com/support/errata/RHSA-2010-0339.html
- http://www.redhat.com/support/errata/RHSA-2010-0339.html
- http://www.redhat.com/support/errata/RHSA-2010-0383.html
- http://www.redhat.com/support/errata/RHSA-2010-0383.html
- http://www.redhat.com/support/errata/RHSA-2010-0471.html
- http://www.redhat.com/support/errata/RHSA-2010-0471.html
- http://www.redhat.com/support/errata/RHSA-2010-0489.html
- http://www.redhat.com/support/errata/RHSA-2010-0489.html
- http://www.securityfocus.com/archive/1/510528/100/0/threaded
- http://www.securityfocus.com/archive/1/510528/100/0/threaded
- http://www.securityfocus.com/archive/1/516397/100/0/threaded
- http://www.securityfocus.com/archive/1/516397/100/0/threaded
- http://www.securityfocus.com/bid/39065
- http://www.securityfocus.com/bid/39065
- http://www.vmware.com/security/advisories/VMSA-2011-0003.html
- http://www.vmware.com/security/advisories/VMSA-2011-0003.html
- http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
- http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
- http://www.vupen.com/english/advisories/2010/1107
- http://www.vupen.com/english/advisories/2010/1107
- http://www.vupen.com/english/advisories/2010/1191
- http://www.vupen.com/english/advisories/2010/1191
- http://www.vupen.com/english/advisories/2010/1454
- http://www.vupen.com/english/advisories/2010/1454
- http://www.vupen.com/english/advisories/2010/1523
- http://www.vupen.com/english/advisories/2010/1523
- http://www.vupen.com/english/advisories/2010/1793
- http://www.vupen.com/english/advisories/2010/1793
- http://www.zerodayinitiative.com/advisories/ZDI-10-056
- http://www.zerodayinitiative.com/advisories/ZDI-10-056
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13971
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9974