Vulnerabilities > CVE-2012-1531

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
oracle
sun
nessus

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Vulnerable Configurations

Part Description Count
Application
Oracle
108
Application
Sun
178

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_JAVA-1_6_0-IBM-121126.NASL
    descriptionIBM Java 1.6.0 has been updated to SR12 which fixes bugs and security issues. More information can be found on : http://www.ibm.com/developerworks/java/jdk/alerts/ CVEs fixed: CVE-2012-3159 / CVE-2012-3216 / CVE-2012-5068 / CVE-2012-3143 / CVE-2012-5073 / CVE-2012-5075 / CVE-2012-5083 / CVE-2012-5083 / CVE-2012-5072 / CVE-2012-1531 / CVE-2012-5081 / CVE-2012-1532 / CVE-2012-1533 / CVE-2012-5069 / CVE-2012-5071 / CVE-2012-5084 / CVE-2012-5079 / CVE-2012-5089
    last seen2020-06-05
    modified2013-01-25
    plugin id64166
    published2013-01-25
    reporterThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/64166
    titleSuSE 11.2 Security Update : IBM Java 1.6.0 (SAT Patch Number 7095)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(64166);
      script_version("1.11");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2012-1531", "CVE-2012-1532", "CVE-2012-1533", "CVE-2012-3143", "CVE-2012-3159", "CVE-2012-3216", "CVE-2012-5068", "CVE-2012-5069", "CVE-2012-5071", "CVE-2012-5072", "CVE-2012-5073", "CVE-2012-5075", "CVE-2012-5079", "CVE-2012-5081", "CVE-2012-5083", "CVE-2012-5084", "CVE-2012-5089");
    
      script_name(english:"SuSE 11.2 Security Update : IBM Java 1.6.0 (SAT Patch Number 7095)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "IBM Java 1.6.0 has been updated to SR12 which fixes bugs and security
    issues.
    
    More information can be found on :
    
    http://www.ibm.com/developerworks/java/jdk/alerts/
    
    CVEs fixed: CVE-2012-3159 / CVE-2012-3216 / CVE-2012-5068 /
    CVE-2012-3143 / CVE-2012-5073 / CVE-2012-5075 / CVE-2012-5083 /
    CVE-2012-5083 / CVE-2012-5072 / CVE-2012-1531 / CVE-2012-5081 /
    CVE-2012-1532 / CVE-2012-1533 / CVE-2012-5069 / CVE-2012-5071 /
    CVE-2012-5084 / CVE-2012-5079 / CVE-2012-5089"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=785631"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=788750"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-1531.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-1532.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-1533.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-3143.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-3159.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-3216.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5068.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5069.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5071.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5072.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5073.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5075.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5079.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5081.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5083.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5084.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5089.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 7095.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Sun Java Web Start Double Quote Injection');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-alsa");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-fonts");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-jdbc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-plugin");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/11/26");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");
    
    
    flag = 0;
    if (rpm_check(release:"SLES11", sp:2, reference:"java-1_6_0-ibm-1.6.0_sr12.0-0.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"java-1_6_0-ibm-fonts-1.6.0_sr12.0-0.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, reference:"java-1_6_0-ibm-jdbc-1.6.0_sr12.0-0.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"java-1_6_0-ibm-alsa-1.6.0_sr12.0-0.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"java-1_6_0-ibm-plugin-1.6.0_sr12.0-0.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"java-1_6_0-ibm-plugin-1.6.0_sr12.0-0.5.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_JAVA-1_4_2-IBM-8366.NASL
    descriptionIBM Java 1.4.2 has been updated to SR13-FP14 which fixes bugs and security issues. More information can be found on : [http://www.ibm.com/developerworks/java/jdk/alerts/)(http://www.ibm.co m/developerworks/java/jdk/alerts/) CVEs fixed: CVE-2012-3216 / CVE-2012-5073 / CVE-2012-5083 / CVE-2012-5083 / CVE-2012-1531 / CVE-2012-5081 / CVE-2012-5084 / CVE-2012-5079
    last seen2020-06-05
    modified2012-11-19
    plugin id62961
    published2012-11-19
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62961
    titleSuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 8366) (ROBOT)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(62961);
      script_version("1.7");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2012-1531", "CVE-2012-3216", "CVE-2012-5073", "CVE-2012-5079", "CVE-2012-5081", "CVE-2012-5083", "CVE-2012-5084");
    
      script_name(english:"SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 8366) (ROBOT)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "IBM Java 1.4.2 has been updated to SR13-FP14 which fixes bugs and
    security issues.
    
    More information can be found on :
    
    [http://www.ibm.com/developerworks/java/jdk/alerts/)(http://www.ibm.co
    m/developerworks/java/jdk/alerts/)
    
    CVEs fixed: CVE-2012-3216 / CVE-2012-5073 / CVE-2012-5083 /
    CVE-2012-5083 / CVE-2012-1531 / CVE-2012-5081 / CVE-2012-5084 /
    CVE-2012-5079"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-1531.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-3216.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5073.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5079.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5081.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5083.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-5084.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 8366.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/11/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/11/19");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLES10", sp:4, reference:"java-1_4_2-ibm-1.4.2_sr13.14-0.5.1")) flag++;
    if (rpm_check(release:"SLES10", sp:4, reference:"java-1_4_2-ibm-devel-1.4.2_sr13.14-0.5.1")) flag++;
    if (rpm_check(release:"SLES10", sp:4, cpu:"i586", reference:"java-1_4_2-ibm-jdbc-1.4.2_sr13.14-0.5.1")) flag++;
    if (rpm_check(release:"SLES10", sp:4, cpu:"i586", reference:"java-1_4_2-ibm-plugin-1.4.2_sr13.14-0.5.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_JAVA-1_5_0-IBM-8362.NASL
    descriptionIBM Java 1.5.0 has been updated to SR15 which fixes bugs and security issues. More information can be found on : http://www.ibm.com/developerworks/java/jdk/alerts/ CVE-2012-3216 / CVE-2012-3143 / CVE-2012-5073 / CVE-2012-5075 / CVE-2012-5083 / CVE-2012-5083 / CVE-2012-1531 / CVE-2012-5081 / CVE-2012-5069 / CVE-2012-5071 / CVE-2012-5084 / CVE-2012-5079 / CVE-2012-5089
    last seen2020-06-05
    modified2012-11-19
    plugin id62962
    published2012-11-19
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62962
    titleSuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 8362) (ROBOT)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20121018_JAVA_1_6_0_SUN_ON_SL5_X.NASL
    descriptionAs a reminder, the openjdk Java environment is available in Scientific Linux 5. Updates for openjdk are released in a similar manner to other security updates. Scientific Linux 6 does not bundle the closed source Java environment. All running instances of Sun/Oracle Java must be restarted for the update to take effect.
    last seen2020-03-18
    modified2012-10-31
    plugin id62773
    published2012-10-31
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62773
    titleScientific Linux Security Update : java-1.6.0-sun on SL5.x i386/x86_64 (20121018) (ROBOT)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_JAVA-1_6_0-OPENJDK-121023.NASL
    descriptionjava-openjdk was upgraded to version 1.11.5 to fix various security and non-security issues.
    last seen2020-06-05
    modified2013-01-25
    plugin id64169
    published2013-01-25
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64169
    titleSuSE 11.2 Security Update : OpenJDK (SAT Patch Number 6987)
  • NASL familyWindows
    NASL idORACLE_JAVA_CPU_OCT_2012.NASL
    descriptionThe version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 9 / 6 Update 37 / 5.0 Update 38 / 1.4.2_40 and is, therefore, potentially affected by security issues in the following components : - 2D - Beans - Concurrency - Deployment - Hotspot - JAX-WS - JMX - JSSE - Libraries - Networking - Security - Swing
    last seen2020-06-01
    modified2020-06-02
    plugin id62593
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62593
    titleOracle Java SE Multiple Vulnerabilities (October 2012 CPU)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_JAVA_2012-006.NASL
    descriptionThe remote Mac OS X 10.7 or 10.8 host has a Java runtime that is missing the Java for OS X 2012-006 update, which updates the Java version to 1.6.0_37. It is, therefore, affected by several security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the privileges of the current user outside the Java sandbox.
    last seen2019-10-28
    modified2012-10-17
    plugin id62595
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62595
    titleMac OS X : Java for OS X 2012-006
  • NASL familyWindows
    NASL idORACLE_JROCKIT_CPU_OCT_2012.NASL
    descriptionThe remote host has a version of Oracle JRockit that is affected by multiple vulnerabilities that could allow a remote attacker to execute arbitrary code via unspecified vectors.
    last seen2020-06-01
    modified2020-06-02
    plugin id76590
    published2014-07-18
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/76590
    titleOracle JRockit R27 < R27.7.4.5 / R28 < R28.2.5.20 Multiple Vulnerabilities (October 2012 CPU)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201401-30.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201401-30 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Impact : An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code. Furthermore, a local or remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id72139
    published2014-01-27
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72139
    titleGLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1466.NASL
    descriptionUpdated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-0547, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1682, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089) All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 6 SR12 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id62931
    published2012-11-16
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62931
    titleRHEL 5 / 6 : java-1.6.0-ibm (RHSA-2012:1466) (ROBOT)
  • NASL familyMisc.
    NASL idORACLE_JAVA_CPU_OCT_2012_UNIX.NASL
    descriptionThe version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 9 / 6 Update 37 / 5.0 Update 38 / 1.4.2_40 and is, therefore, potentially affected by security issues in the following components : - 2D - Beans - Concurrency - Deployment - Hotspot - JAX-WS - JMX - JSSE - Libraries - Networking - Security - Swing
    last seen2020-06-01
    modified2020-06-02
    plugin id64849
    published2013-02-22
    reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64849
    titleOracle Java SE Multiple Vulnerabilities (October 2012 CPU) (Unix)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_JAVA-1_6_0-IBM-8383.NASL
    descriptionIBM Java 1.6.0 has been updated to SR12 which fixes bugs and security issues. More information can be found on : http://www.ibm.com/developerworks/java/jdk/alerts/ CVEs fixed: CVE-2012-3159 / CVE-2012-3216 / CVE-2012-5068 / CVE-2012-3143 / CVE-2012-5073 / CVE-2012-5075 / CVE-2012-5083 / CVE-2012-5083 / CVE-2012-5072 / CVE-2012-1531 / CVE-2012-5081 / CVE-2012-1532 / CVE-2012-1533 / CVE-2012-5069 / CVE-2012-5071 / CVE-2012-5084 / CVE-2012-5079 / CVE-2012-5089
    last seen2020-06-05
    modified2012-11-29
    plugin id63092
    published2012-11-29
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/63092
    titleSuSE 10 Security Update : IBM Java 1.6.0 (ZYPP Patch Number 8383) (ROBOT)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1392.NASL
    descriptionUpdated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory and Oracle Security Alert pages, listed in the References section. (CVE-2012-0547, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5089) All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 37. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id62636
    published2012-10-19
    reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62636
    titleRHEL 5 / 6 : java-1.6.0-sun (RHSA-2012:1392)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_JAVA-1_4_2-IBM-121113.NASL
    descriptionIBM Java 1.4.2 has been updated to SR13-FP14 which fixes bugs and security issues. More information can be found on : http://www.ibm.com/developerworks/java/jdk/alerts/ CVEs fixed: CVE-2012-3216 / CVE-2012-5073 / CVE-2012-5083 / CVE-2012-5083 / CVE-2012-1531 / CVE-2012-5081 / CVE-2012-5084 / CVE-2012-5079
    last seen2020-06-05
    modified2013-01-25
    plugin id64163
    published2013-01-25
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64163
    titleSuSE 11.2 Security Update : IBM Java 1.4.2 (SAT Patch Number 7043)
  • NASL familyMisc.
    NASL idVMWARE_ESX_VMSA-2013-0003_REMOTE.NASL
    descriptionThe remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries : - Java Runtime Environment (JRE) - Network File Copy (NFC) Protocol - OpenSSL
    last seen2020-06-01
    modified2020-06-02
    plugin id89663
    published2016-03-04
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89663
    titleVMware ESX / ESXi NFC and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0003) (remote check)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1465.NASL
    descriptionUpdated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-1531, CVE-2012-3143, CVE-2012-3216, CVE-2012-4820, CVE-2012-4822, CVE-2012-5069, CVE-2012-5071, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089) All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM J2SE 5.0 SR15 release. All running instances of IBM Java must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id62930
    published2012-11-16
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62930
    titleRHEL 5 / 6 : java-1.5.0-ibm (RHSA-2012:1465) (ROBOT)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1485.NASL
    descriptionUpdated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. This is the last update of these packages for Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM J2SE version 1.4.2 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-1531, CVE-2012-3216, CVE-2012-4820, CVE-2012-4822, CVE-2012-5073, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084) This is the last update of the java-1.4.2-ibm packages in Red Hat Enterprise Linux 5 Supplementary. Customers are advised to migrate to later versions of Java at this time. More current versions of IBM Java SE continue to be available via the Red Hat Enterprise Linux 5 Supplementary channel. Customers should also consider OpenJDK which is the default Java development and runtime environment in Red Hat Enterprise Linux. In cases where it is not feasible to move to a later version of supported Java, customers are advised to contact IBM to evaluate other options. All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain the IBM J2SE 1.4.2 SR13-FP14 release. All running instances of IBM Java must be restarted for this update to take effect
    last seen2020-06-01
    modified2020-06-02
    plugin id64063
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/64063
    titleRHEL 5 : java-1.4.2-ibm (RHSA-2012:1485) (ROBOT)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_JAVA-1_7_0-IBM-121113.NASL
    descriptionIBM Java 1.7.0 has been updated to SR3 which fixes bugs and security issues. More information can be found on : http://www.ibm.com/developerworks/java/jdk/alerts/ CVEs fixed: CVE-2012-3159 / CVE-2012-3216 / CVE-2012-5070 / CVE-2012-5067 / CVE-2012-3143 / CVE-2012-5076 / CVE-2012-5077 / CVE-2012-5073 / CVE-2012-5074 / CVE-2012-5075 / CVE-2012-5083 / CVE-2012-5083 / CVE-2012-5072 / CVE-2012-1531 / CVE-2012-5081 / CVE-2012-1532 / CVE-2012-1533 / CVE-2012-5069 / CVE-2012-5071 / CVE-2012-5084 / CVE-2012-5087 / CVE-2012-5086 / CVE-2012-5079 / CVE-2012-5088 / CVE-2012-5089
    last seen2020-06-05
    modified2013-01-25
    plugin id64171
    published2013-01-25
    reporterThis script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/64171
    titleSuSE 11.2 Security Update : IBM Java 1.7.0 (SAT Patch Number 7046)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2013-1456.NASL
    descriptionUpdated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Network Satellite Server 5.5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.5. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment. (CVE-2012-0547, CVE-2012-0551, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1541, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-3143, CVE-2012-3159, CVE-2012-3213, CVE-2012-3216, CVE-2012-3342, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089, CVE-2013-0169, CVE-2013-0351, CVE-2013-0401, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1487, CVE-2013-1491, CVE-2013-1493, CVE-2013-1500, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2407, CVE-2013-2412, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2435, CVE-2013-2437, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743) Users of Red Hat Network Satellite Server 5.5 are advised to upgrade to these updated packages, which contain the IBM Java SE 6 SR14 release. For this update to take effect, Red Hat Network Satellite Server must be restarted (
    last seen2020-06-01
    modified2020-06-02
    plugin id78976
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78976
    titleRHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1456) (ROBOT)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_JAVA_10_6_UPDATE11.NASL
    descriptionThe remote Mac OS X host has a version of Java for Mac OS X 10.6 that is missing Update 11, which updates the Java version to 1.6.0_37. It is, therefore, affected by several security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the privileges of the current user outside the Java sandbox.
    last seen2019-10-28
    modified2012-10-17
    plugin id62594
    published2012-10-17
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62594
    titleMac OS X : Java for Mac OS X 10.6 Update 11
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1467.NASL
    descriptionUpdated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1718, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823, CVE-2012-5067, CVE-2012-5069, CVE-2012-5070, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5074, CVE-2012-5075, CVE-2012-5076, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5089) All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR3 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id62932
    published2012-11-16
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62932
    titleRHEL 6 : java-1.7.0-ibm (RHSA-2012:1467) (ROBOT)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1619-1.NASL
    descriptionSeveral information disclosure vulnerabilities were discovered in the OpenJDK JRE. (CVE-2012-3216, CVE-2012-5069, CVE-2012-5072, CVE-2012-5075, CVE-2012-5077, CVE-2012-5085) Vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. (CVE-2012-4416, CVE-2012-5071) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. (CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159, CVE-2012-5068, CVE-2012-5083, CVE-2012-5084, CVE-2012-5086, CVE-2012-5089) Information disclosure vulnerabilities were discovered in the OpenJDK JRE. These issues only affected Ubuntu 12.10. (CVE-2012-5067, CVE-2012-5070) Vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2012-5073, CVE-2012-5079) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. This issue only affected Ubuntu 12.10. (CVE-2012-5074) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. These issues only affected Ubuntu 12.10. (CVE-2012-5076, CVE-2012-5087, CVE-2012-5088) A denial of service vulnerability was found in OpenJDK. (CVE-2012-5081) Please see the following for more information: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-15159 24.html. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id62709
    published2012-10-26
    reporterUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62709
    titleUbuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS / 12.10 : openjdk-6, openjdk-7 vulnerabilities (USN-1619-1) (ROBOT)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2012-1489-1.NASL
    descriptionIBM Java 1.5.0 has been updated to SR15 which fixes bugs and security issues. More information can be found on : http://www.ibm.com/developerworks/java/jdk/alerts/ CVEs fixed: CVE-2012-3216, CVE-2012-3143, CVE-2012-5073, CVE-2012-5075, CVE-2012-5083, CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, CVE-2012-5069, CVE-2012-5071, CVE-2012-5084, CVE-2012-5079, CVE-2012-5089 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-20
    plugin id83566
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83566
    titleSUSE SLED10 / SLES10 Security Update : IBM Java 1.5.0 (SUSE-SU-2012:1489-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2012-1489-2.NASL
    descriptionIBM Java 1.7.0 has been updated to SR3 which fixes bugs and security issues. More information can be found on : http://www.ibm.com/developerworks/java/jdk/alerts/ CVEs fixed: CVE-2012-3159, CVE-2012-3216, CVE-2012-5070, CVE-2012-5067, CVE-2012-3143, CVE-2012-5076, CVE-2012-5077, CVE-2012-5073, CVE-2012-5074, CVE-2012-5075, CVE-2012-5083, CVE-2012-5083, CVE-2012-5072, CVE-2012-1531, CVE-2012-5081, CVE-2012-1532, CVE-2012-1533, CVE-2012-5069, CVE-2012-5071, CVE-2012-5084, CVE-2012-5087, CVE-2012-5086, CVE-2012-5079, CVE-2012-5088, CVE-2012-5089 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-20
    plugin id83567
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83567
    titleSUSE SLES11 Security Update : IBM Java 1.7.0 (SUSE-SU-2012:1489-2)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2013-1455.NASL
    descriptionUpdated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Network Satellite Server 5.4. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.4. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment. (CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0873, CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560, CVE-2011-3561, CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507, CVE-2012-0547, CVE-2012-0551, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1541, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-3143, CVE-2012-3159, CVE-2012-3213, CVE-2012-3216, CVE-2012-3342, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089, CVE-2013-0169, CVE-2013-0351, CVE-2013-0401, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1487, CVE-2013-1491, CVE-2013-1493, CVE-2013-1500, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2407, CVE-2013-2412, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2435, CVE-2013-2437, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743) Users of Red Hat Network Satellite Server 5.4 are advised to upgrade to these updated packages, which contain the IBM Java SE 6 SR14 release. For this update to take effect, Red Hat Network Satellite Server must be restarted (
    last seen2020-06-01
    modified2020-06-02
    plugin id78975
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78975
    titleRHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1455) (BEAST) (ROBOT)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-1391.NASL
    descriptionUpdated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4416, CVE-2012-5067, CVE-2012-5068, CVE-2012-5069, CVE-2012-5070, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5074, CVE-2012-5075, CVE-2012-5076, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5089) All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 9. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id62635
    published2012-10-19
    reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62635
    titleRHEL 6 : java-1.7.0-oracle (RHSA-2012:1391)

Oval

accepted2015-03-23T04:00:52.859-04:00
classvulnerability
contributors
  • nameSergey Artykhov
    organizationALTX-SOFT
  • nameMaria Mikhno
    organizationALTX-SOFT
  • nameMaria Mikhno
    organizationALTX-SOFT
definition_extensions
  • commentJava SE Runtime Environment 4 is installed
    ovaloval:org.mitre.oval:def:16482
  • commentJava SE Runtime Environment 5 is installed
    ovaloval:org.mitre.oval:def:15748
  • commentJava SE Runtime Environment 6 is installed
    ovaloval:org.mitre.oval:def:16362
  • commentJava SE Runtime Environment 7 is installed
    ovaloval:org.mitre.oval:def:16050
  • commentJavaFX 2.x is installed
    ovaloval:org.mitre.oval:def:16479
descriptionUnspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
familywindows
idoval:org.mitre.oval:def:16546
statusaccepted
submitted2013-04-17T10:26:26.748+04:00
title confidentiality, integrity, and availability via unknown vectors related to 2D.
version10

Redhat

advisories
  • rhsa
    idRHSA-2012:1391
  • rhsa
    idRHSA-2012:1392
  • rhsa
    idRHSA-2012:1465
  • rhsa
    idRHSA-2012:1466
  • rhsa
    idRHSA-2012:1467
  • rhsa
    idRHSA-2013:1455
  • rhsa
    idRHSA-2013:1456
rpms
  • java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3
  • java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3
  • java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3
  • java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3
  • java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3
  • java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3
  • java-1.6.0-sun-1:1.6.0.37-1jpp.1.el5_8
  • java-1.6.0-sun-1:1.6.0.37-1jpp.1.el6_3
  • java-1.6.0-sun-demo-1:1.6.0.37-1jpp.1.el5_8
  • java-1.6.0-sun-demo-1:1.6.0.37-1jpp.1.el6_3
  • java-1.6.0-sun-devel-1:1.6.0.37-1jpp.1.el5_8
  • java-1.6.0-sun-devel-1:1.6.0.37-1jpp.1.el6_3
  • java-1.6.0-sun-jdbc-1:1.6.0.37-1jpp.1.el5_8
  • java-1.6.0-sun-jdbc-1:1.6.0.37-1jpp.1.el6_3
  • java-1.6.0-sun-plugin-1:1.6.0.37-1jpp.1.el5_8
  • java-1.6.0-sun-plugin-1:1.6.0.37-1jpp.1.el6_3
  • java-1.6.0-sun-src-1:1.6.0.37-1jpp.1.el5_8
  • java-1.6.0-sun-src-1:1.6.0.37-1jpp.1.el6_3
  • java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el5_8
  • java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3
  • java-1.5.0-ibm-accessibility-1:1.5.0.15.0-1jpp.1.el5_8
  • java-1.5.0-ibm-demo-1:1.5.0.15.0-1jpp.1.el5_8
  • java-1.5.0-ibm-demo-1:1.5.0.15.0-1jpp.1.el6_3
  • java-1.5.0-ibm-devel-1:1.5.0.15.0-1jpp.1.el5_8
  • java-1.5.0-ibm-devel-1:1.5.0.15.0-1jpp.1.el6_3
  • java-1.5.0-ibm-javacomm-1:1.5.0.15.0-1jpp.1.el5_8
  • java-1.5.0-ibm-javacomm-1:1.5.0.15.0-1jpp.1.el6_3
  • java-1.5.0-ibm-jdbc-1:1.5.0.15.0-1jpp.1.el5_8
  • java-1.5.0-ibm-jdbc-1:1.5.0.15.0-1jpp.1.el6_3
  • java-1.5.0-ibm-plugin-1:1.5.0.15.0-1jpp.1.el5_8
  • java-1.5.0-ibm-plugin-1:1.5.0.15.0-1jpp.1.el6_3
  • java-1.5.0-ibm-src-1:1.5.0.15.0-1jpp.1.el5_8
  • java-1.5.0-ibm-src-1:1.5.0.15.0-1jpp.1.el6_3
  • java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el5_8
  • java-1.6.0-ibm-1:1.6.0.12.0-1jpp.1.el6_3
  • java-1.6.0-ibm-accessibility-1:1.6.0.12.0-1jpp.1.el5_8
  • java-1.6.0-ibm-demo-1:1.6.0.12.0-1jpp.1.el5_8
  • java-1.6.0-ibm-demo-1:1.6.0.12.0-1jpp.1.el6_3
  • java-1.6.0-ibm-devel-1:1.6.0.12.0-1jpp.1.el5_8
  • java-1.6.0-ibm-devel-1:1.6.0.12.0-1jpp.1.el6_3
  • java-1.6.0-ibm-javacomm-1:1.6.0.12.0-1jpp.1.el5_8
  • java-1.6.0-ibm-javacomm-1:1.6.0.12.0-1jpp.1.el6_3
  • java-1.6.0-ibm-jdbc-1:1.6.0.12.0-1jpp.1.el5_8
  • java-1.6.0-ibm-jdbc-1:1.6.0.12.0-1jpp.1.el6_3
  • java-1.6.0-ibm-plugin-1:1.6.0.12.0-1jpp.1.el5_8
  • java-1.6.0-ibm-plugin-1:1.6.0.12.0-1jpp.1.el6_3
  • java-1.6.0-ibm-src-1:1.6.0.12.0-1jpp.1.el5_8
  • java-1.6.0-ibm-src-1:1.6.0.12.0-1jpp.1.el6_3
  • java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3
  • java-1.7.0-ibm-demo-1:1.7.0.3.0-1jpp.2.el6_3
  • java-1.7.0-ibm-devel-1:1.7.0.3.0-1jpp.2.el6_3
  • java-1.7.0-ibm-jdbc-1:1.7.0.3.0-1jpp.2.el6_3
  • java-1.7.0-ibm-plugin-1:1.7.0.3.0-1jpp.2.el6_3
  • java-1.7.0-ibm-src-1:1.7.0.3.0-1jpp.2.el6_3
  • java-1.4.2-ibm-0:1.4.2.13.14-1jpp.1.el5_8
  • java-1.4.2-ibm-demo-0:1.4.2.13.14-1jpp.1.el5_8
  • java-1.4.2-ibm-devel-0:1.4.2.13.14-1jpp.1.el5_8
  • java-1.4.2-ibm-javacomm-0:1.4.2.13.14-1jpp.1.el5_8
  • java-1.4.2-ibm-jdbc-0:1.4.2.13.14-1jpp.1.el5_8
  • java-1.4.2-ibm-plugin-0:1.4.2.13.14-1jpp.1.el5_8
  • java-1.4.2-ibm-src-0:1.4.2.13.14-1jpp.1.el5_8
  • java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el5_9
  • java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4
  • java-1.6.0-ibm-devel-1:1.6.0.14.0-1jpp.1.el5_9
  • java-1.6.0-ibm-devel-1:1.6.0.14.0-1jpp.1.el6_4
  • java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el5_9
  • java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4
  • java-1.6.0-ibm-devel-1:1.6.0.14.0-1jpp.1.el5_9
  • java-1.6.0-ibm-devel-1:1.6.0.14.0-1jpp.1.el6_4

References