Vulnerabilities > CVE-2015-0488 - Unspecified vulnerability in Oracle Jdk, JRE and Jrockit

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
oracle
nessus

Summary

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE. Per Oracle: Applies to client and server deployment of JSSE. (http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html)

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-212.NASL
    descriptionUpdated java-1.7.0 packages fix security vulnerabilities : An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions (CVE-2015-0469). A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions (CVE-2015-0460). A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly (CVE-2015-0488). A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions (CVE-2015-0477). A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted (CVE-2005-1080, CVE-2015-0480). It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures (CVE-2015-0478).
    last seen2020-06-01
    modified2020-06-02
    plugin id83104
    published2015-04-28
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83104
    titleMandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2015:212)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2015:212. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(83104);
      script_version("2.3");
      script_cvs_date("Date: 2019/08/02 13:32:57");
    
      script_cve_id("CVE-2005-1080", "CVE-2015-0460", "CVE-2015-0469", "CVE-2015-0477", "CVE-2015-0478", "CVE-2015-0480", "CVE-2015-0488");
      script_bugtraq_id(13083, 74072, 74097, 74104, 74111, 74119, 74147);
      script_xref(name:"MDVSA", value:"2015:212");
    
      script_name(english:"Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2015:212)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated java-1.7.0 packages fix security vulnerabilities :
    
    An off-by-one flaw, leading to a buffer overflow, was found in the
    font parsing code in the 2D component in OpenJDK. A specially crafted
    font file could possibly cause the Java Virtual Machine to execute
    arbitrary code, allowing an untrusted Java application or applet to
    bypass Java sandbox restrictions (CVE-2015-0469).
    
    A flaw was found in the way the Hotspot component in OpenJDK handled
    phantom references. An untrusted Java application or applet could use
    this flaw to corrupt the Java Virtual Machine memory and, possibly,
    execute arbitrary code, bypassing Java sandbox restrictions
    (CVE-2015-0460).
    
    A flaw was found in the way the JSSE component in OpenJDK parsed X.509
    certificate options. A specially crafted certificate could cause JSSE
    to raise an exception, possibly causing an application using JSSE to
    exit unexpectedly (CVE-2015-0488).
    
    A flaw was discovered in the Beans component in OpenJDK. An untrusted
    Java application or applet could use this flaw to bypass certain Java
    sandbox restrictions (CVE-2015-0477).
    
    A directory traversal flaw was found in the way the jar tool extracted
    JAR archive files. A specially crafted JAR archive could cause jar to
    overwrite arbitrary files writable by the user running jar when the
    archive was extracted (CVE-2005-1080, CVE-2015-0480).
    
    It was found that the RSA implementation in the JCE component in
    OpenJDK did not follow recommended practices for implementing RSA
    signatures (CVE-2015-0478)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://advisories.mageia.org/MGASA-2015-0158.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.7.0-openjdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.7.0-openjdk-accessibility");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.7.0-openjdk-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.7.0-openjdk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.7.0-openjdk-headless");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.7.0-openjdk-javadoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.7.0-openjdk-src");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/04/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/28");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"java-1.7.0-openjdk-1.7.0.65-2.5.5.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"java-1.7.0-openjdk-accessibility-1.7.0.65-2.5.5.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"java-1.7.0-openjdk-demo-1.7.0.65-2.5.5.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"java-1.7.0-openjdk-devel-1.7.0.65-2.5.5.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"java-1.7.0-openjdk-headless-1.7.0.65-2.5.5.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", reference:"java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.5.1.mbs1")) flag++;
    if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"java-1.7.0-openjdk-src-1.7.0.65-2.5.5.1.mbs1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-0806.NASL
    descriptionUpdated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82801
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82801
    titleCentOS 6 / 7 : java-1.7.0-openjdk (CESA-2015:0806)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2015:0806 and 
    # CentOS Errata and Security Advisory 2015:0806 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(82801);
      script_version("1.12");
      script_cvs_date("Date: 2020/01/02");
    
      script_cve_id("CVE-2005-1080", "CVE-2015-0460", "CVE-2015-0469", "CVE-2015-0477", "CVE-2015-0478", "CVE-2015-0480", "CVE-2015-0488");
      script_bugtraq_id(13083, 74072, 74097, 74104, 74111, 74119, 74147);
      script_xref(name:"RHSA", value:"2015:0806");
    
      script_name(english:"CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2015:0806)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated java-1.7.0-openjdk packages that fix multiple security issues
    are now available for Red Hat Enterprise Linux 6 and 7.
    
    Red Hat Product Security has rated this update as having Critical
    security impact. Common Vulnerability Scoring System (CVSS) base
    scores, which give detailed severity ratings, are available for each
    vulnerability from the CVE links in the References section.
    
    The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime
    Environment and the OpenJDK 7 Java Software Development Kit.
    
    An off-by-one flaw, leading to a buffer overflow, was found in the
    font parsing code in the 2D component in OpenJDK. A specially crafted
    font file could possibly cause the Java Virtual Machine to execute
    arbitrary code, allowing an untrusted Java application or applet to
    bypass Java sandbox restrictions. (CVE-2015-0469)
    
    A flaw was found in the way the Hotspot component in OpenJDK handled
    phantom references. An untrusted Java application or applet could use
    this flaw to corrupt the Java Virtual Machine memory and, possibly,
    execute arbitrary code, bypassing Java sandbox restrictions.
    (CVE-2015-0460)
    
    A flaw was found in the way the JSSE component in OpenJDK parsed X.509
    certificate options. A specially crafted certificate could cause JSSE
    to raise an exception, possibly causing an application using JSSE to
    exit unexpectedly. (CVE-2015-0488)
    
    A flaw was discovered in the Beans component in OpenJDK. An untrusted
    Java application or applet could use this flaw to bypass certain Java
    sandbox restrictions. (CVE-2015-0477)
    
    A directory traversal flaw was found in the way the jar tool extracted
    JAR archive files. A specially crafted JAR archive could cause jar to
    overwrite arbitrary files writable by the user running jar when the
    archive was extracted. (CVE-2005-1080, CVE-2015-0480)
    
    It was found that the RSA implementation in the JCE component in
    OpenJDK did not follow recommended practices for implementing RSA
    signatures. (CVE-2015-0478)
    
    The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat
    Product Security.
    
    Note: If the web browser plug-in provided by the icedtea-web package
    was installed, the issues exposed via Java applets could have been
    exploited without user interaction if a user visited a malicious
    website.
    
    All users of java-1.7.0-openjdk are advised to upgrade to these
    updated packages, which resolve these issues. All running instances of
    OpenJDK Java must be restarted for the update to take effect."
      );
      # https://lists.centos.org/pipermail/centos-announce/2015-April/021066.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9af97afb"
      );
      # https://lists.centos.org/pipermail/centos-announce/2015-April/021069.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a9212bd5"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected java-1.7.0-openjdk packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-0469");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk-accessibility");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk-headless");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk-javadoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk-src");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/05/02");
      script_set_attribute(attribute:"patch_publication_date", value:"2015/04/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/16");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 6.x / 7.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-6", reference:"java-1.7.0-openjdk-1.7.0.79-2.5.5.1.el6_6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"java-1.7.0-openjdk-demo-1.7.0.79-2.5.5.1.el6_6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"java-1.7.0-openjdk-devel-1.7.0.79-2.5.5.1.el6_6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"java-1.7.0-openjdk-javadoc-1.7.0.79-2.5.5.1.el6_6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"java-1.7.0-openjdk-src-1.7.0.79-2.5.5.1.el6_6")) flag++;
    
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"java-1.7.0-openjdk-1.7.0.79-2.5.5.1.el7_1")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"java-1.7.0-openjdk-accessibility-1.7.0.79-2.5.5.1.el7_1")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"java-1.7.0-openjdk-demo-1.7.0.79-2.5.5.1.el7_1")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"java-1.7.0-openjdk-devel-1.7.0.79-2.5.5.1.el7_1")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"java-1.7.0-openjdk-headless-1.7.0.79-2.5.5.1.el7_1")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"java-1.7.0-openjdk-javadoc-1.7.0.79-2.5.5.1.el7_1")) flag++;
    if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"java-1.7.0-openjdk-src-1.7.0.79-2.5.5.1.el7_1")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.7.0-openjdk / java-1.7.0-openjdk-accessibility / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-1086-2.NASL
    descriptionIBM Java 1.6.0 was updated to SR16-FP4 fixing security issues and bugs. Tabulated information can be found on: <a href=
    last seen2020-06-01
    modified2020-06-02
    plugin id84337
    published2015-06-23
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84337
    titleSUSE SLES11 Security Update : IBM Java (SUSE-SU-2015:1086-2) (Bar Mitzvah) (FREAK)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_JAVA-1_7_0-OPENJDK-150419.NASL
    descriptionOpenJDK was updated to version 2.5.5 - OpenJDK 7u79 to fix security issues and bugs. The following vulnerabilities have been fixed : - Deployment: unauthenticated remote attackers could execute arbitrary code via multiple protocols. (CVE-2015-0458) - 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. (CVE-2015-0459) - Hotspot: unauthenticated remote attackers could execute arbitrary code via multiple protocols. (CVE-2015-0460) - 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. (CVE-2015-0469) - Beans: unauthenticated remote attackers could update, insert or delete some JAVA accessible data via multiple protocols. (CVE-2015-0477) - JCE: unauthenticated remote attackers could read some JAVA accessible data via multiple protocols. (CVE-2015-0478) - Tools: unauthenticated remote attackers could update, insert or delete some JAVA accessible data via multiple protocols and cause a partial denial of service (partial DOS). (CVE-2015-0480) - JavaFX: unauthenticated remote attackers could read, update, insert or delete access some Java accessible data via multiple protocols and cause a partial denial of service (partial DOS). (CVE-2015-0484) - JSSE: unauthenticated remote attackers could cause a partial denial of service (partial DOS). (CVE-2015-0488) - 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. (CVE-2015-0491) - JavaFX: unauthenticated remote attackers could execute arbitrary code via multiple protocols. (CVE-2015-0492)
    last seen2020-06-01
    modified2020-06-02
    plugin id83287
    published2015-05-08
    reporterThis script is Copyright (C) 2015 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83287
    titleSuSE 11.3 Security Update : java-1_7_0-openjdk (SAT Patch Number 10621)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2216-1.NASL
    descriptionThe java-1_7_0-ibm package was updated to version 7.0-9.20 to fix several security and non security issues : - bnc#955131: Version update to 7.0-9.20: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 - Add backcompat symlinks for sdkdir - bnc#941939: Fix to provide %{name} instead of %{sdklnk} only in _jvmprivdir Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87277
    published2015-12-09
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87277
    titleSUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:2216-1) (FREAK)
  • NASL familyWindows
    NASL idORACLE_JAVA_CPU_APR_2015.NASL
    descriptionThe version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 45, 7 Update 79, 6 Update 95, or 5 Update 85. It is, therefore, affected by security vulnerabilities in the following components : - 2D - Beans - Deployment - Hotspot - JavaFX - JCE - JSSE - Tools
    last seen2020-06-01
    modified2020-06-02
    plugin id82820
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82820
    titleOracle Java SE Multiple Vulnerabilities (April 2015 CPU) (FREAK)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-1138-1.NASL
    descriptionIBM Java 1.6.0 was updated to SR16-FP4 fixing security issues and bugs. Tabulated information can be found on: <a href=
    last seen2020-06-01
    modified2020-06-02
    plugin id84425
    published2015-06-26
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84425
    titleSUSE SLES10 Security Update : IBM Java (SUSE-SU-2015:1138-1) (Bar Mitzvah) (FREAK)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1091.NASL
    descriptionUpdated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Satellite 5.6 and 5.7. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Satellite 5. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0458, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM JDK now disables RC4 SSL/TLS cipher suites by default to address the CVE-2015-2808 issue. Refer to Red Hat Bugzilla bug 1207101, linked to from the References section, for additional details about this change. Users of Red Hat Satellite 5.6 and 5.7 are advised to upgrade to these updated packages, which contain the IBM Java SE 6 SR16-FP4 release. For this update to take effect, Red Hat Satellite must be restarted (
    last seen2020-06-01
    modified2020-06-02
    plugin id84143
    published2015-06-12
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84143
    titleRHEL 5 / 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:1091) (Bar Mitzvah)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3316.NASL
    descriptionSeveral vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography.
    last seen2020-06-01
    modified2020-06-02
    plugin id85031
    published2015-07-28
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85031
    titleDebian DSA-3316-1 : openjdk-7 - security update (Bar Mitzvah) (Logjam)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-332.NASL
    descriptionOpenJDK was updated to jdk8u45-b14 to fix security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-0458: Deployment: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0459: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0460: Hotspot: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0469: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0470: Hotspot: unauthenticated remote attackers could update, insert or delete some JAVA accessible data via multiple protocols - CVE-2015-0477: Beans: unauthenticated remote attackers could update, insert or delete some JAVA accessible data via multiple protocols - CVE-2015-0478: JCE: unauthenticated remote attackers could read some JAVA accessible data via multiple protocols - CVE-2015-0480: Tools: unauthenticated remote attackers could update, insert or delete some JAVA accessible data via multiple protocols and cause a partial denial of service (partial DOS) - CVE-2015-0484: JavaFX: unauthenticated remote attackers could read, update, insert or delete access some Java accessible data via multiple protocols and cause a partial denial of service (partial DOS). - CVE-2015-0486: Deployment: unauthenticated remote attackers could read some JAVA accessible data via multiple protocols - CVE-2015-0488: JSSE: unauthenticated remote attackers could cause a partial denial of service (partial DOS). - CVE-2015-0491: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0492: JavaFX: unauthenticated remote attackers could execute arbitrary code via multiple protocols.
    last seen2020-06-05
    modified2015-04-28
    plugin id83107
    published2015-04-28
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83107
    titleopenSUSE Security Update : java-1_8_0-openjdk (openSUSE-2015-332)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1006.NASL
    descriptionUpdated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0458, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM JDK now disables RC4 SSL/TLS cipher suites by default to address the CVE-2015-2808 issue. Refer to Red Hat Bugzilla bug 1207101, linked to from the References section, for additional details about this change. All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 6 SR16-FP4 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id83432
    published2015-05-13
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83432
    titleRHEL 5 / 6 : java-1.6.0-ibm (RHSA-2015:1006) (Bar Mitzvah)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2168-2.NASL
    descriptionThe java-1_7_1-ibm package was updated to versioin 7.1-3.20 to fix several security and non security issues : - bnc#955131: Version update to 7.1-3.20: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 - Add backcompat symlinks for sdkdir - bnc#941939: Fix to provide %{name} instead of %{sdklnk} only in _jvmprivdir Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87404
    published2015-12-16
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87404
    titleSUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2015:2168-2) (FREAK)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0808.NASL
    descriptionUpdated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82810
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82810
    titleRHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2015:0808)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-1086-4.NASL
    descriptionIBM Java 1.7.0 was updated to SR9 fixing security issues and bugs. Tabulated information can be found on: <a href=
    last seen2020-06-01
    modified2020-06-02
    plugin id84441
    published2015-06-29
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84441
    titleSUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1086-4) (Bar Mitzvah) (FREAK)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-213.NASL
    descriptionSeveral vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. For Debian 6
    last seen2020-03-17
    modified2015-05-01
    plugin id83165
    published2015-05-01
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83165
    titleDebian DLA-213-1 : openjdk-6 security update
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150415_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL
    descriptionAn off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-03-18
    modified2015-04-16
    plugin id82813
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82813
    titleScientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/srpm/x86_64 (20150415)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2192-1.NASL
    descriptionThis update for java-1_6_0-ibm fixes the following issues : - Version update to 6.0-16.15 bsc#955131: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 CVE-2015-2808 CVE-2015-2625 CVE-2015-0491 CVE-2015-0459 CVE-2015-0469 CVE-2015-0458 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 - Add backcompat symlinks for sdkdir - Fix baselibs.conf policy symlinking - Fix bsc#941939 to provide %{name} instead of %{sdklnk} only in _jvmprivdir Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-24
    modified2019-01-02
    plugin id119972
    published2019-01-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119972
    titleSUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2015:2192-1) (Bar Mitzvah) (FREAK)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2573-1.NASL
    descriptionSeveral vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-0460, CVE-2015-0469) Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect to handling jar files. An attacker could use this to expose sensitive data. (CVE-2015-0480) Florian Weimer discovered that the RSA implementation in the JCE component in OpenJDK JRE did not follow recommended practices for implementing RSA signatures. An attacker could use this to expose sensitive data. (CVE-2015-0478) A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this expose sensitive data over the network. (CVE-2015-0477) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2015-0488). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id82991
    published2015-04-22
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82991
    titleUbuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2573-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-1161-1.NASL
    descriptionIBM Java 1.6.0 was updated to SR16-FP4 fixing security issues and bugs. Tabulated information can be found on: [http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Updat e_May _2015](http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security _Upda te_May_2015) CVEs addressed: CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 CVE-2015-0491 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 Additional bugs fixed : - Fix javaws/plugin stuff should slave plugin update-alternatives (bnc#912434) - Changed Java to use the system root CA certificates (bnc#912447) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-24
    modified2019-01-02
    plugin id119967
    published2019-01-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119967
    titleSUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2015:1161-1) (Bar Mitzvah) (FREAK)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2182-1.NASL
    descriptionThe java-1_7_1-ibm package was updated to version 7.1-3.20 to fix several security and non security issues : - bnc#955131: Version update to 7.1-3.20: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 - Add backcompat symlinks for sdkdir - bnc#941939: Fix to provide %{name} instead of %{sdklnk} only in _jvmprivdir Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87200
    published2015-12-04
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87200
    titleSUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2015:2182-1) (FREAK)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1021.NASL
    descriptionUpdated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM JDK now disables RC4 SSL/TLS cipher suites by default to address the CVE-2015-2808 issue. Refer to Red Hat Bugzilla bug 1207101, linked to in the References section, for additional details about this change. IBM Java SDK and JRE 5.0 will not receive software updates after September 2015. This date is referred to as the End of Service (EOS) date. Customers are advised to migrate to current versions of IBM Java at this time. IBM Java SDK and JRE versions 6 and 7 are available via the Red Hat Enterprise Linux 5 and 6 Supplementary content sets and will continue to receive updates based on IBM
    last seen2020-06-01
    modified2020-06-02
    plugin id83754
    published2015-05-21
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83754
    titleRHEL 5 / 6 : java-1.5.0-ibm (RHSA-2015:1021) (Bar Mitzvah)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-1086-3.NASL
    descriptionIBM Java 1.7.0 was updated to SR9 fixing security issues and bugs. Tabulated information can be found on: <a href=
    last seen2020-06-01
    modified2020-06-02
    plugin id84423
    published2015-06-26
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84423
    titleSUSE SLES11 Security Update : Java (SUSE-SU-2015:1086-3) (Bar Mitzvah) (FREAK)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-0808.NASL
    descriptionUpdated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82803
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82803
    titleCentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2015:0808)
  • NASL familyAIX Local Security Checks
    NASL idAIX_JAVA_APRIL2015_ADVISORY.NASL
    descriptionThe version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities : - The Global Security Kit (GSKit) contains a flaw due to improper restrictions of TLS state transitions. A man-in-the-middle attacker can exploit this to downgrade the security of a session to use EXPORT_RSA ciphers. This allows the attacker to more easily break the encryption and monitor or tamper with the encrypted stream. (CVE-2015-0138) - An unspecified flaw exists that allows an attacker to execute code running under a security manager with elevated privileges.(CVE-2015-0192) - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204) - Multiple unspecified vulnerabilities exist in multiple Java subcomponents including 2D, Beans, Deployment, JCE, JSSE, and tools. (CVE-2015-0458, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0486, CVE-2015-0488, CVE-2015-0491) - An unspecified flaw exists that allows a remote attacker to bypass permission checks and gain access to sensitive information. (CVE-2015-1914) - An unspecified flaw exists due to the Socket Extension Provider
    last seen2020-06-01
    modified2020-06-02
    plugin id84087
    published2015-06-10
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84087
    titleAIX Java Advisory : java_april2015_advisory.asc (Bar Mitzvah) (FREAK)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-0807.NASL
    descriptionUpdated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82802
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82802
    titleCentOS 5 : java-1.7.0-openjdk (CESA-2015:0807)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-0807.NASL
    descriptionFrom Red Hat Security Advisory 2015:0807 : Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82808
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82808
    titleOracle Linux 5 : java-1.7.0-openjdk (ELSA-2015-0807)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0806.NASL
    descriptionUpdated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82809
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82809
    titleRHEL 6 / 7 : java-1.7.0-openjdk (RHSA-2015:0806)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3235.NASL
    descriptionSeveral vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.
    last seen2020-06-01
    modified2020-06-02
    plugin id83063
    published2015-04-27
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83063
    titleDebian DSA-3235-1 : openjdk-7 - security update
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150415_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL
    descriptionAn off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) Multiple flaws were discovered in the Beans and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-0477, CVE-2015-0470) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-03-18
    modified2015-04-16
    plugin id82816
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82816
    titleScientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/srpm/x86_64 (20150415)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-517.NASL
    descriptionAn off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) Multiple flaws were discovered in the Beans and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-0477 , CVE-2015-0470) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080 , CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478)
    last seen2020-06-01
    modified2020-06-02
    plugin id83268
    published2015-05-07
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83268
    titleAmazon Linux AMI : java-1.8.0-openjdk (ALAS-2015-517)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0854.NASL
    descriptionUpdated java-1.8.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2005-1080, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0470, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0484, CVE-2015-0486, CVE-2015-0488, CVE-2015-0491, CVE-2015-0492) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.8.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 8 Update 45 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82897
    published2015-04-20
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82897
    titleRHEL 6 / 7 : java-1.8.0-oracle (RHSA-2015:0854)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201603-11.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201603-11 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities exist in both Oracle&rsquo;s JRE and JDK. Please review the referenced CVE&rsquo;s for additional information. Impact : Remote attackers could gain access to information, remotely execute arbitrary code, and cause Denial of Service. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id89904
    published2016-03-14
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89904
    titleGLSA-201603-11 : Oracle JRE/JDK: Multiple vulnerabilities (Logjam)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150415_JAVA_1_7_0_OPENJDK_ON_SL6_X.NASL
    descriptionAn off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-03-18
    modified2015-04-16
    plugin id82815
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82815
    titleScientific Linux Security Update : java-1.7.0-openjdk on SL6.x, SL7.x i386/srpm/x86_64 (20150415)
  • NASL familyMisc.
    NASL idORACLE_JAVA_CPU_APR_2015_UNIX.NASL
    descriptionThe version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 45, 7 Update 79, 6 Update 95, or 5 Update 85. It is, therefore, affected by security vulnerabilities in the following components : - 2D - Beans - Deployment - Hotspot - JavaFX - JCE - JSSE - Tools
    last seen2020-06-01
    modified2020-06-02
    plugin id82821
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82821
    titleOracle Java SE Multiple Vulnerabilities (April 2015 CPU) (Unix) (FREAK)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-331.NASL
    descriptionOpenJDK was updated to 2.5.5 - OpenJdk 7u79 to fix security issues and bugs : The following vulnerabilities were fixed : - CVE-2015-0458: Deployment: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0459: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0460: Hotspot: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0469: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0477: Beans: unauthenticated remote attackers could update, insert or delete some JAVA accessible data via multiple protocols - CVE-2015-0478: JCE: unauthenticated remote attackers could read some JAVA accessible data via multiple protocols - CVE-2015-0480: Tools: unauthenticated remote attackers could update, insert or delete some JAVA accessible data via multiple protocols and cause a partial denial of service (partial DOS) - CVE-2015-0484: JavaFX: unauthenticated remote attackers could read, update, insert or delete access some Java accessible data via multiple protocols and cause a partial denial of service (partial DOS). - CVE-2015-0488: JSSE: unauthenticated remote attackers could cause a partial denial of service (partial DOS). - CVE-2015-0491: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols. - CVE-2015-0492: JavaFX: unauthenticated remote attackers could execute arbitrary code via multiple protocols.
    last seen2020-06-05
    modified2015-04-28
    plugin id83106
    published2015-04-28
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83106
    titleopenSUSE Security Update : java-1_7_0-openjdk (openSUSE-2015-331)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-516.NASL
    descriptionAn off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080 , CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478)
    last seen2020-06-01
    modified2020-06-02
    plugin id83059
    published2015-04-27
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83059
    titleAmazon Linux AMI : java-1.7.0-openjdk (ALAS-2015-516)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3234.NASL
    descriptionSeveral vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.
    last seen2020-06-01
    modified2020-06-02
    plugin id83062
    published2015-04-27
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83062
    titleDebian DSA-3234-1 : openjdk-6 - security update
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-0806.NASL
    descriptionFrom Red Hat Security Advisory 2015:0806 : Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82787
    published2015-04-15
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82787
    titleOracle Linux 6 / 7 : java-1.7.0-openjdk (ELSA-2015-0806)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-0808.NASL
    descriptionFrom Red Hat Security Advisory 2015:0808 : Updated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82788
    published2015-04-15
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82788
    titleOracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2015-0808)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0858.NASL
    descriptionUpdated java-1.6.0-sun packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2005-1080, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 95 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82910
    published2015-04-21
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82910
    titleRHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2015:0858)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-0809.NASL
    descriptionUpdated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) Multiple flaws were discovered in the Beans and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-0477, CVE-2015-0470) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.8.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82804
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82804
    titleCentOS 6 / 7 : java-1.8.0-openjdk (CESA-2015:0809)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-0113-1.NASL
    descriptionThis version update for java-1_6_0-ibm to version 6.0.16.15 fixes the following issues : CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 CVE-2015-2808 CVE-2015-2625 CVE-2015-0491 CVE-2015-0459 CVE-2015-0469 CVE-2015-0458 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 For more information please visit: <a href=
    last seen2020-06-01
    modified2020-06-02
    plugin id87914
    published2016-01-14
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87914
    titleSUSE SLES10 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0113-1) (Bar Mitzvah) (FREAK)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150415_JAVA_1_7_0_OPENJDK_ON_SL5_X.NASL
    descriptionAn off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-03-18
    modified2015-04-16
    plugin id82814
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82814
    titleScientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20150415)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0807.NASL
    descriptionUpdated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82791
    published2015-04-15
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82791
    titleRHEL 5 : java-1.7.0-openjdk (RHSA-2015:0807)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2574-1.NASL
    descriptionSeveral vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-0460, CVE-2015-0469) Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect to handling jar files. An attacker could use this to expose sensitive data. (CVE-2015-0480) Florian Weimer discovered that the RSA implementation in the JCE component in OpenJDK JRE did not follow recommended practices for implementing RSA signatures. An attacker could use this to expose sensitive data. (CVE-2015-0478) A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this expose sensitive data over the network. (CVE-2015-0477) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2015-0488). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id82992
    published2015-04-22
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82992
    titleUbuntu 14.04 LTS / 14.10 : openjdk-7 vulnerabilities (USN-2574-1)
  • NASL familyWindows
    NASL idORACLE_JROCKIT_CPU_APR_2015.NASL
    descriptionThe remote Windows host has a version of Oracle JRockit installed that is affected by multiple vulnerabilities : - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204) - A flaw exists in the Java Cryptography Extension (JCE) subcomponent due to an implementation error in the RSA signature. A remote attacker can exploit this flaw to disclose sensitive information. (CVE-2015-0478) - A flaw exists in the JSSE subcomponent due to improper parsing of X.509 certificate options. A remote attacker can exploit this flaw to trigger an application termination, resulting in a denial of service. (CVE-2015-0488)
    last seen2020-06-01
    modified2020-06-02
    plugin id82830
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82830
    titleOracle JRockit R28.3.5 Multiple Vulnerabilities (April 2015 CPU) (FREAK)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0809.NASL
    descriptionUpdated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) Multiple flaws were discovered in the Beans and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-0477, CVE-2015-0470) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.8.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82811
    published2015-04-16
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82811
    titleRHEL 6 / 7 : java-1.8.0-openjdk (RHSA-2015:0809)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-515.NASL
    descriptionAn off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080 , CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478)
    last seen2020-06-01
    modified2020-06-02
    plugin id83058
    published2015-04-27
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83058
    titleAmazon Linux AMI : java-1.6.0-openjdk (ALAS-2015-515)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0857.NASL
    descriptionUpdated java-1.7.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2005-1080, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0484, CVE-2015-0488, CVE-2015-0491, CVE-2015-0492) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 79 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82909
    published2015-04-21
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82909
    titleRHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2015:0857)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-1086-1.NASL
    descriptionIBM Java 1.6.0 was updated to SR16-FP4 fixing security issues and bugs. Tabulated information can be found on: <a href=
    last seen2020-06-01
    modified2020-06-02
    plugin id84286
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84286
    titleSUSE SLES11 Security Update : IBM Java (SUSE-SU-2015:1086-1) (Bar Mitzvah) (FREAK)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2168-1.NASL
    descriptionThe java-1_7_1-ibm package was updated to versioin 7.1-3.20 to fix several security and non security issues : - bnc#955131: Version update to 7.1-3.20: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 - Add backcompat symlinks for sdkdir - bnc#941939: Fix to provide %{name} instead of %{sdklnk} only in _jvmprivdir Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87181
    published2015-12-03
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87181
    titleSUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2015:2168-1) (FREAK)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-2166-1.NASL
    descriptionThis update for java-1_6_0-ibm fixes the following issues : - Version update to 6.0-16.15 bsc#955131: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 CVE-2015-2808 CVE-2015-2625 CVE-2015-0491 CVE-2015-0459 CVE-2015-0469 CVE-2015-0458 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477 CVE-2015-0204 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id87180
    published2015-12-03
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87180
    titleSUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2015:2166-1) (Bar Mitzvah) (FREAK)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1020.NASL
    descriptionUpdated java-1.7.1-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 and 7 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0458, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM JDK now disables RC4 SSL/TLS cipher suites by default to address the CVE-2015-2808 issue. Refer to Red Hat Bugzilla bug 1207101, linked to in the References section, for additional details about this change. All users of java-1.7.1-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7R1 SR3 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id83753
    published2015-05-21
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83753
    titleRHEL 6 / 7 : java-1.7.1-ibm (RHSA-2015:1020) (Bar Mitzvah)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-1085-1.NASL
    descriptionIBM Java 1.5.0 was updated to SR16-FP10 fixing security issues and bugs. Tabulated information can be found on: <a href=
    last seen2020-06-01
    modified2020-06-02
    plugin id84285
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84285
    titleSUSE SLES10 Security Update : IBM Java (SUSE-SU-2015:1085-1) (Bar Mitzvah) (FREAK)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1007.NASL
    descriptionUpdated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0458, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM JDK now disables RC4 SSL/TLS cipher suites by default to address the CVE-2015-2808 issue. Refer to Red Hat Bugzilla bug 1207101, linked to from the References section, for additional details about this change. All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR9 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id83433
    published2015-05-13
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83433
    titleRHEL 5 : java-1.7.0-ibm (RHSA-2015:1007) (Bar Mitzvah)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-0809.NASL
    descriptionFrom Red Hat Security Advisory 2015:0809 : Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) Multiple flaws were discovered in the Beans and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-0477, CVE-2015-0470) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.8.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id82789
    published2015-04-15
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82789
    titleOracle Linux 6 / 7 : java-1.8.0-openjdk (ELSA-2015-0809)

Redhat

advisories
  • bugzilla
    id1211543
    titleCVE-2015-0488 OpenJDK: certificate options parsing uncaught exception (JSSE, 8068720)
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentjava-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.79-2.5.5.1.el6_6
            ovaloval:com.redhat.rhsa:tst:20150806001
          • commentjava-1.7.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20121009002
        • AND
          • commentjava-1.7.0-openjdk-demo is earlier than 1:1.7.0.79-2.5.5.1.el6_6
            ovaloval:com.redhat.rhsa:tst:20150806003
          • commentjava-1.7.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20121009008
        • AND
          • commentjava-1.7.0-openjdk-src is earlier than 1:1.7.0.79-2.5.5.1.el6_6
            ovaloval:com.redhat.rhsa:tst:20150806005
          • commentjava-1.7.0-openjdk-src is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20121009006
        • AND
          • commentjava-1.7.0-openjdk-devel is earlier than 1:1.7.0.79-2.5.5.1.el6_6
            ovaloval:com.redhat.rhsa:tst:20150806007
          • commentjava-1.7.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20121009004
        • AND
          • commentjava-1.7.0-openjdk is earlier than 1:1.7.0.79-2.5.5.1.el6_6
            ovaloval:com.redhat.rhsa:tst:20150806009
          • commentjava-1.7.0-openjdk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20121009010
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentjava-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.79-2.5.5.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150806012
          • commentjava-1.7.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20121009002
        • AND
          • commentjava-1.7.0-openjdk-src is earlier than 1:1.7.0.79-2.5.5.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150806013
          • commentjava-1.7.0-openjdk-src is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20121009006
        • AND
          • commentjava-1.7.0-openjdk-devel is earlier than 1:1.7.0.79-2.5.5.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150806014
          • commentjava-1.7.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20121009004
        • AND
          • commentjava-1.7.0-openjdk-accessibility is earlier than 1:1.7.0.79-2.5.5.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150806015
          • commentjava-1.7.0-openjdk-accessibility is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140675010
        • AND
          • commentjava-1.7.0-openjdk-demo is earlier than 1:1.7.0.79-2.5.5.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150806017
          • commentjava-1.7.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20121009008
        • AND
          • commentjava-1.7.0-openjdk-headless is earlier than 1:1.7.0.79-2.5.5.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150806018
          • commentjava-1.7.0-openjdk-headless is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140675006
        • AND
          • commentjava-1.7.0-openjdk is earlier than 1:1.7.0.79-2.5.5.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150806020
          • commentjava-1.7.0-openjdk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20121009010
    rhsa
    idRHSA-2015:0806
    released2015-04-15
    severityCritical
    titleRHSA-2015:0806: java-1.7.0-openjdk security update (Critical)
  • bugzilla
    id1211543
    titleCVE-2015-0488 OpenJDK: certificate options parsing uncaught exception (JSSE, 8068720)
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentjava-1.7.0-openjdk is earlier than 1:1.7.0.79-2.5.5.2.el5_11
            ovaloval:com.redhat.rhsa:tst:20150807001
          • commentjava-1.7.0-openjdk is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20130165004
        • AND
          • commentjava-1.7.0-openjdk-src is earlier than 1:1.7.0.79-2.5.5.2.el5_11
            ovaloval:com.redhat.rhsa:tst:20150807003
          • commentjava-1.7.0-openjdk-src is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20130165010
        • AND
          • commentjava-1.7.0-openjdk-devel is earlier than 1:1.7.0.79-2.5.5.2.el5_11
            ovaloval:com.redhat.rhsa:tst:20150807005
          • commentjava-1.7.0-openjdk-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20130165008
        • AND
          • commentjava-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.79-2.5.5.2.el5_11
            ovaloval:com.redhat.rhsa:tst:20150807007
          • commentjava-1.7.0-openjdk-javadoc is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20130165002
        • AND
          • commentjava-1.7.0-openjdk-demo is earlier than 1:1.7.0.79-2.5.5.2.el5_11
            ovaloval:com.redhat.rhsa:tst:20150807009
          • commentjava-1.7.0-openjdk-demo is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20130165006
    rhsa
    idRHSA-2015:0807
    released2015-04-14
    severityImportant
    titleRHSA-2015:0807: java-1.7.0-openjdk security update (Important)
  • bugzilla
    id1211543
    titleCVE-2015-0488 OpenJDK: certificate options parsing uncaught exception (JSSE, 8068720)
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentjava-1.6.0-openjdk is earlier than 1:1.6.0.35-1.13.7.1.el5_11
            ovaloval:com.redhat.rhsa:tst:20150808001
          • commentjava-1.6.0-openjdk is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20090377008
        • AND
          • commentjava-1.6.0-openjdk-devel is earlier than 1:1.6.0.35-1.13.7.1.el5_11
            ovaloval:com.redhat.rhsa:tst:20150808003
          • commentjava-1.6.0-openjdk-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20090377002
        • AND
          • commentjava-1.6.0-openjdk-src is earlier than 1:1.6.0.35-1.13.7.1.el5_11
            ovaloval:com.redhat.rhsa:tst:20150808005
          • commentjava-1.6.0-openjdk-src is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20090377010
        • AND
          • commentjava-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.35-1.13.7.1.el5_11
            ovaloval:com.redhat.rhsa:tst:20150808007
          • commentjava-1.6.0-openjdk-javadoc is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20090377004
        • AND
          • commentjava-1.6.0-openjdk-demo is earlier than 1:1.6.0.35-1.13.7.1.el5_11
            ovaloval:com.redhat.rhsa:tst:20150808009
          • commentjava-1.6.0-openjdk-demo is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20090377006
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentjava-1.6.0-openjdk is earlier than 1:1.6.0.35-1.13.7.1.el6_6
            ovaloval:com.redhat.rhsa:tst:20150808012
          • commentjava-1.6.0-openjdk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100865010
        • AND
          • commentjava-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.35-1.13.7.1.el6_6
            ovaloval:com.redhat.rhsa:tst:20150808014
          • commentjava-1.6.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100865006
        • AND
          • commentjava-1.6.0-openjdk-devel is earlier than 1:1.6.0.35-1.13.7.1.el6_6
            ovaloval:com.redhat.rhsa:tst:20150808016
          • commentjava-1.6.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100865008
        • AND
          • commentjava-1.6.0-openjdk-demo is earlier than 1:1.6.0.35-1.13.7.1.el6_6
            ovaloval:com.redhat.rhsa:tst:20150808018
          • commentjava-1.6.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100865002
        • AND
          • commentjava-1.6.0-openjdk-src is earlier than 1:1.6.0.35-1.13.7.1.el6_6
            ovaloval:com.redhat.rhsa:tst:20150808020
          • commentjava-1.6.0-openjdk-src is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100865004
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentjava-1.6.0-openjdk-src is earlier than 1:1.6.0.35-1.13.7.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150808023
          • commentjava-1.6.0-openjdk-src is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100865004
        • AND
          • commentjava-1.6.0-openjdk-demo is earlier than 1:1.6.0.35-1.13.7.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150808024
          • commentjava-1.6.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100865002
        • AND
          • commentjava-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.35-1.13.7.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150808025
          • commentjava-1.6.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100865006
        • AND
          • commentjava-1.6.0-openjdk-devel is earlier than 1:1.6.0.35-1.13.7.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150808026
          • commentjava-1.6.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100865008
        • AND
          • commentjava-1.6.0-openjdk is earlier than 1:1.6.0.35-1.13.7.1.el7_1
            ovaloval:com.redhat.rhsa:tst:20150808027
          • commentjava-1.6.0-openjdk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100865010
    rhsa
    idRHSA-2015:0808
    released2015-04-15
    severityImportant
    titleRHSA-2015:0808: java-1.6.0-openjdk security update (Important)
  • bugzilla
    id1211543
    titleCVE-2015-0488 OpenJDK: certificate options parsing uncaught exception (JSSE, 8068720)
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentjava-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.45-28.b13.el6_6
            ovaloval:com.redhat.rhsa:tst:20150809001
          • commentjava-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636006
        • AND
          • commentjava-1.8.0-openjdk-devel is earlier than 1:1.8.0.45-28.b13.el6_6
            ovaloval:com.redhat.rhsa:tst:20150809003
          • commentjava-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636012
        • AND
          • commentjava-1.8.0-openjdk-src is earlier than 1:1.8.0.45-28.b13.el6_6
            ovaloval:com.redhat.rhsa:tst:20150809005
          • commentjava-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636004
        • AND
          • commentjava-1.8.0-openjdk-demo is earlier than 1:1.8.0.45-28.b13.el6_6
            ovaloval:com.redhat.rhsa:tst:20150809007
          • commentjava-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636002
        • AND
          • commentjava-1.8.0-openjdk is earlier than 1:1.8.0.45-28.b13.el6_6
            ovaloval:com.redhat.rhsa:tst:20150809009
          • commentjava-1.8.0-openjdk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636008
        • AND
          • commentjava-1.8.0-openjdk-headless is earlier than 1:1.8.0.45-28.b13.el6_6
            ovaloval:com.redhat.rhsa:tst:20150809011
          • commentjava-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636010
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentjava-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.45-30.b13.el7_1
            ovaloval:com.redhat.rhsa:tst:20150809014
          • commentjava-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636006
        • AND
          • commentjava-1.8.0-openjdk-demo is earlier than 1:1.8.0.45-30.b13.el7_1
            ovaloval:com.redhat.rhsa:tst:20150809015
          • commentjava-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636002
        • AND
          • commentjava-1.8.0-openjdk-devel is earlier than 1:1.8.0.45-30.b13.el7_1
            ovaloval:com.redhat.rhsa:tst:20150809016
          • commentjava-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636012
        • AND
          • commentjava-1.8.0-openjdk-src is earlier than 1:1.8.0.45-30.b13.el7_1
            ovaloval:com.redhat.rhsa:tst:20150809017
          • commentjava-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636004
        • AND
          • commentjava-1.8.0-openjdk-accessibility is earlier than 1:1.8.0.45-30.b13.el7_1
            ovaloval:com.redhat.rhsa:tst:20150809018
          • commentjava-1.8.0-openjdk-accessibility is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150809019
        • AND
          • commentjava-1.8.0-openjdk is earlier than 1:1.8.0.45-30.b13.el7_1
            ovaloval:com.redhat.rhsa:tst:20150809020
          • commentjava-1.8.0-openjdk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636008
        • AND
          • commentjava-1.8.0-openjdk-headless is earlier than 1:1.8.0.45-30.b13.el7_1
            ovaloval:com.redhat.rhsa:tst:20150809021
          • commentjava-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20141636010
    rhsa
    idRHSA-2015:0809
    released2015-04-15
    severityImportant
    titleRHSA-2015:0809: java-1.8.0-openjdk security update (Important)
  • rhsa
    idRHSA-2015:0854
  • rhsa
    idRHSA-2015:0857
  • rhsa
    idRHSA-2015:0858
  • rhsa
    idRHSA-2015:1006
  • rhsa
    idRHSA-2015:1007
  • rhsa
    idRHSA-2015:1020
  • rhsa
    idRHSA-2015:1021
  • rhsa
    idRHSA-2015:1091
rpms
  • java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.ael7b_1
  • java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el6_6
  • java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-accessibility-1:1.7.0.79-2.5.5.1.ael7b_1
  • java-1.7.0-openjdk-accessibility-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.1.ael7b_1
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.1.el6_6
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.1.ael7b_1
  • java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.1.el6_6
  • java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.1.ael7b_1
  • java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.1.el6_6
  • java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-headless-1:1.7.0.79-2.5.5.1.ael7b_1
  • java-1.7.0-openjdk-headless-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.1.ael7b_1
  • java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.1.el6_6
  • java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.1.ael7b_1
  • java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.1.el6_6
  • java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11
  • java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11
  • java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11
  • java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11
  • java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11
  • java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el5_11
  • java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el6_6
  • java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el7_1
  • java-1.6.0-openjdk-debuginfo-1:1.6.0.35-1.13.7.1.el5_11
  • java-1.6.0-openjdk-debuginfo-1:1.6.0.35-1.13.7.1.el6_6
  • java-1.6.0-openjdk-debuginfo-1:1.6.0.35-1.13.7.1.el7_1
  • java-1.6.0-openjdk-demo-1:1.6.0.35-1.13.7.1.el5_11
  • java-1.6.0-openjdk-demo-1:1.6.0.35-1.13.7.1.el6_6
  • java-1.6.0-openjdk-demo-1:1.6.0.35-1.13.7.1.el7_1
  • java-1.6.0-openjdk-devel-1:1.6.0.35-1.13.7.1.el5_11
  • java-1.6.0-openjdk-devel-1:1.6.0.35-1.13.7.1.el6_6
  • java-1.6.0-openjdk-devel-1:1.6.0.35-1.13.7.1.el7_1
  • java-1.6.0-openjdk-javadoc-1:1.6.0.35-1.13.7.1.el5_11
  • java-1.6.0-openjdk-javadoc-1:1.6.0.35-1.13.7.1.el6_6
  • java-1.6.0-openjdk-javadoc-1:1.6.0.35-1.13.7.1.el7_1
  • java-1.6.0-openjdk-src-1:1.6.0.35-1.13.7.1.el5_11
  • java-1.6.0-openjdk-src-1:1.6.0.35-1.13.7.1.el6_6
  • java-1.6.0-openjdk-src-1:1.6.0.35-1.13.7.1.el7_1
  • java-1.8.0-openjdk-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-1:1.8.0.45-30.b13.ael7b_1
  • java-1.8.0-openjdk-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-accessibility-1:1.8.0.45-30.b13.ael7b_1
  • java-1.8.0-openjdk-accessibility-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-debuginfo-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-debuginfo-1:1.8.0.45-30.b13.ael7b_1
  • java-1.8.0-openjdk-debuginfo-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-demo-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-demo-1:1.8.0.45-30.b13.ael7b_1
  • java-1.8.0-openjdk-demo-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-devel-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-devel-1:1.8.0.45-30.b13.ael7b_1
  • java-1.8.0-openjdk-devel-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-headless-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-headless-1:1.8.0.45-30.b13.ael7b_1
  • java-1.8.0-openjdk-headless-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-javadoc-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-javadoc-1:1.8.0.45-30.b13.ael7b_1
  • java-1.8.0-openjdk-javadoc-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-src-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-src-1:1.8.0.45-30.b13.ael7b_1
  • java-1.8.0-openjdk-src-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6
  • java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1
  • java-1.8.0-oracle-devel-1:1.8.0.45-1jpp.2.el6_6
  • java-1.8.0-oracle-devel-1:1.8.0.45-1jpp.2.el7_1
  • java-1.8.0-oracle-javafx-1:1.8.0.45-1jpp.2.el6_6
  • java-1.8.0-oracle-javafx-1:1.8.0.45-1jpp.2.el7_1
  • java-1.8.0-oracle-jdbc-1:1.8.0.45-1jpp.2.el6_6
  • java-1.8.0-oracle-jdbc-1:1.8.0.45-1jpp.2.el7_1
  • java-1.8.0-oracle-plugin-1:1.8.0.45-1jpp.2.el6_6
  • java-1.8.0-oracle-plugin-1:1.8.0.45-1jpp.2.el7_1
  • java-1.8.0-oracle-src-1:1.8.0.45-1jpp.2.el6_6
  • java-1.8.0-oracle-src-1:1.8.0.45-1jpp.2.el7_1
  • java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11
  • java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6
  • java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1
  • java-1.7.0-oracle-devel-1:1.7.0.79-1jpp.1.el5_11
  • java-1.7.0-oracle-devel-1:1.7.0.79-1jpp.1.el6_6
  • java-1.7.0-oracle-devel-1:1.7.0.79-1jpp.1.el7_1
  • java-1.7.0-oracle-javafx-1:1.7.0.79-1jpp.1.el5_11
  • java-1.7.0-oracle-javafx-1:1.7.0.79-1jpp.1.el6_6
  • java-1.7.0-oracle-javafx-1:1.7.0.79-1jpp.1.el7_1
  • java-1.7.0-oracle-jdbc-1:1.7.0.79-1jpp.1.el5_11
  • java-1.7.0-oracle-jdbc-1:1.7.0.79-1jpp.1.el6_6
  • java-1.7.0-oracle-jdbc-1:1.7.0.79-1jpp.1.el7_1
  • java-1.7.0-oracle-plugin-1:1.7.0.79-1jpp.1.el5_11
  • java-1.7.0-oracle-plugin-1:1.7.0.79-1jpp.1.el6_6
  • java-1.7.0-oracle-plugin-1:1.7.0.79-1jpp.1.el7_1
  • java-1.7.0-oracle-src-1:1.7.0.79-1jpp.1.el5_11
  • java-1.7.0-oracle-src-1:1.7.0.79-1jpp.1.el6_6
  • java-1.7.0-oracle-src-1:1.7.0.79-1jpp.1.el7_1
  • java-1.6.0-sun-1:1.6.0.95-1jpp.3.el5_11
  • java-1.6.0-sun-1:1.6.0.95-1jpp.3.el6_6
  • java-1.6.0-sun-1:1.6.0.95-1jpp.3.el7_1
  • java-1.6.0-sun-demo-1:1.6.0.95-1jpp.3.el5_11
  • java-1.6.0-sun-demo-1:1.6.0.95-1jpp.3.el6_6
  • java-1.6.0-sun-demo-1:1.6.0.95-1jpp.3.el7_1
  • java-1.6.0-sun-devel-1:1.6.0.95-1jpp.3.el5_11
  • java-1.6.0-sun-devel-1:1.6.0.95-1jpp.3.el6_6
  • java-1.6.0-sun-devel-1:1.6.0.95-1jpp.3.el7_1
  • java-1.6.0-sun-jdbc-1:1.6.0.95-1jpp.3.el5_11
  • java-1.6.0-sun-jdbc-1:1.6.0.95-1jpp.3.el6_6
  • java-1.6.0-sun-jdbc-1:1.6.0.95-1jpp.3.el7_1
  • java-1.6.0-sun-plugin-1:1.6.0.95-1jpp.3.el5_11
  • java-1.6.0-sun-plugin-1:1.6.0.95-1jpp.3.el6_6
  • java-1.6.0-sun-plugin-1:1.6.0.95-1jpp.3.el7_1
  • java-1.6.0-sun-src-1:1.6.0.95-1jpp.3.el5_11
  • java-1.6.0-sun-src-1:1.6.0.95-1jpp.3.el6_6
  • java-1.6.0-sun-src-1:1.6.0.95-1jpp.3.el7_1
  • java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el5
  • java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6
  • java-1.6.0-ibm-accessibility-1:1.6.0.16.4-1jpp.1.el5
  • java-1.6.0-ibm-demo-1:1.6.0.16.4-1jpp.1.el5
  • java-1.6.0-ibm-demo-1:1.6.0.16.4-1jpp.1.el6_6
  • java-1.6.0-ibm-devel-1:1.6.0.16.4-1jpp.1.el5
  • java-1.6.0-ibm-devel-1:1.6.0.16.4-1jpp.1.el6_6
  • java-1.6.0-ibm-javacomm-1:1.6.0.16.4-1jpp.1.el5
  • java-1.6.0-ibm-javacomm-1:1.6.0.16.4-1jpp.1.el6_6
  • java-1.6.0-ibm-jdbc-1:1.6.0.16.4-1jpp.1.el5
  • java-1.6.0-ibm-jdbc-1:1.6.0.16.4-1jpp.1.el6_6
  • java-1.6.0-ibm-plugin-1:1.6.0.16.4-1jpp.1.el5
  • java-1.6.0-ibm-plugin-1:1.6.0.16.4-1jpp.1.el6_6
  • java-1.6.0-ibm-src-1:1.6.0.16.4-1jpp.1.el5
  • java-1.6.0-ibm-src-1:1.6.0.16.4-1jpp.1.el6_6
  • java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5
  • java-1.7.0-ibm-demo-1:1.7.0.9.0-1jpp.1.el5
  • java-1.7.0-ibm-devel-1:1.7.0.9.0-1jpp.1.el5
  • java-1.7.0-ibm-jdbc-1:1.7.0.9.0-1jpp.1.el5
  • java-1.7.0-ibm-plugin-1:1.7.0.9.0-1jpp.1.el5
  • java-1.7.0-ibm-src-1:1.7.0.9.0-1jpp.1.el5
  • java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.ael7b_1
  • java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el6_6
  • java-1.7.1-ibm-1:1.7.1.3.0-1jpp.2.el7_1
  • java-1.7.1-ibm-demo-1:1.7.1.3.0-1jpp.2.ael7b_1
  • java-1.7.1-ibm-demo-1:1.7.1.3.0-1jpp.2.el6_6
  • java-1.7.1-ibm-demo-1:1.7.1.3.0-1jpp.2.el7_1
  • java-1.7.1-ibm-devel-1:1.7.1.3.0-1jpp.2.ael7b_1
  • java-1.7.1-ibm-devel-1:1.7.1.3.0-1jpp.2.el6_6
  • java-1.7.1-ibm-devel-1:1.7.1.3.0-1jpp.2.el7_1
  • java-1.7.1-ibm-jdbc-1:1.7.1.3.0-1jpp.2.ael7b_1
  • java-1.7.1-ibm-jdbc-1:1.7.1.3.0-1jpp.2.el6_6
  • java-1.7.1-ibm-jdbc-1:1.7.1.3.0-1jpp.2.el7_1
  • java-1.7.1-ibm-plugin-1:1.7.1.3.0-1jpp.2.el6_6
  • java-1.7.1-ibm-plugin-1:1.7.1.3.0-1jpp.2.el7_1
  • java-1.7.1-ibm-src-1:1.7.1.3.0-1jpp.2.ael7b_1
  • java-1.7.1-ibm-src-1:1.7.1.3.0-1jpp.2.el6_6
  • java-1.7.1-ibm-src-1:1.7.1.3.0-1jpp.2.el7_1
  • java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el5
  • java-1.5.0-ibm-1:1.5.0.16.10-1jpp.1.el6_6
  • java-1.5.0-ibm-accessibility-1:1.5.0.16.10-1jpp.1.el5
  • java-1.5.0-ibm-demo-1:1.5.0.16.10-1jpp.1.el5
  • java-1.5.0-ibm-demo-1:1.5.0.16.10-1jpp.1.el6_6
  • java-1.5.0-ibm-devel-1:1.5.0.16.10-1jpp.1.el5
  • java-1.5.0-ibm-devel-1:1.5.0.16.10-1jpp.1.el6_6
  • java-1.5.0-ibm-javacomm-1:1.5.0.16.10-1jpp.1.el5
  • java-1.5.0-ibm-javacomm-1:1.5.0.16.10-1jpp.1.el6_6
  • java-1.5.0-ibm-jdbc-1:1.5.0.16.10-1jpp.1.el5
  • java-1.5.0-ibm-jdbc-1:1.5.0.16.10-1jpp.1.el6_6
  • java-1.5.0-ibm-plugin-1:1.5.0.16.10-1jpp.1.el5
  • java-1.5.0-ibm-plugin-1:1.5.0.16.10-1jpp.1.el6_6
  • java-1.5.0-ibm-src-1:1.5.0.16.10-1jpp.1.el5
  • java-1.5.0-ibm-src-1:1.5.0.16.10-1jpp.1.el6_6
  • java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el5
  • java-1.6.0-ibm-1:1.6.0.16.4-1jpp.1.el6_6
  • java-1.6.0-ibm-devel-1:1.6.0.16.4-1jpp.1.el5
  • java-1.6.0-ibm-devel-1:1.6.0.16.4-1jpp.1.el6_6

References