CVE-2016-0636

- Attack vector: NETWORK
- Attack complexity: HIGH
- Privileges required: NONE
- Confidentiality impact: HIGH
- Integrity impact: HIGH
- Availability impact: HIGH

Summary
Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | | 8 |
Application | | 1 |
Application | | 6 |
Nessus
- NASL family: Red Hat Local Security Checks
- NASL id: REDHAT-RHSA-2016-0515.NASL
- description: An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 5, Oracle Java for Red Hat Enterprise Linux 6, and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update provides Oracle Java 7 Update 99. Security Fix(es) : This update fixes one vulnerability in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about this flaw can be found on the Oracle Security Alert page listed in the References section. (CVE-2016-0636)
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 90183
- published: 2016-03-25
- reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/90183
- title: RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:0515)
- code:

```
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2016:0515. The text
# itself is copyright (C) Red Hat, Inc.
#

include("compat.inc");

# Plugin metadata; this branch only registers the description and exits.
if (description)
{
  script_id(90183);
  script_version("2.11");
  script_cvs_date("Date: 2019/10/24 15:35:41");

  script_cve_id("CVE-2016-0636");
  script_xref(name:"RHSA", value:"2016:0515");

  script_name(english:"RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:0515)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"An update for java-1.7.0-oracle is now available for Oracle Java for
Red Hat Enterprise Linux 5, Oracle Java for Red Hat Enterprise Linux
6, and Oracle Java for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Critical. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

Oracle Java SE version 7 includes the Oracle Java Runtime Environment
and the Oracle Java Software Development Kit.

This update provides Oracle Java 7 Update 99.

Security Fix(es) :

This update fixes one vulnerability in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about this flaw can be found on the Oracle Security Alert
page listed in the References section. (CVE-2016-0636)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.oracle.com/technetwork/topics/security/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2016:0515"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2016-0636"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle-javafx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle-jdbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle-plugin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle-src");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/03/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/25");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

# Preconditions: local checks enabled, RHEL 5.x / 6.x / 7.x, package list
# collected, and a supported CPU architecture.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = eregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! ereg(pattern:"^(5|6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x / 6.x / 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

# Use the yum updateinfo data when it was collected; otherwise fall back to
# checking each installed package against the fixed build.
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
  rhsa = "RHSA-2016:0515";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL5", cpu:"i586", reference:"java-1.7.0-oracle-1.7.0.99-1jpp.1.el5_11")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.7.0-oracle-1.7.0.99-1jpp.1.el5_11")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"i586", reference:"java-1.7.0-oracle-devel-1.7.0.99-1jpp.1.el5_11")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.7.0-oracle-devel-1.7.0.99-1jpp.1.el5_11")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"i586", reference:"java-1.7.0-oracle-javafx-1.7.0.99-1jpp.1.el5_11")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.7.0-oracle-javafx-1.7.0.99-1jpp.1.el5_11")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"i586", reference:"java-1.7.0-oracle-jdbc-1.7.0.99-1jpp.1.el5_11")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.7.0-oracle-jdbc-1.7.0.99-1jpp.1.el5_11")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"i586", reference:"java-1.7.0-oracle-plugin-1.7.0.99-1jpp.1.el5_11")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.7.0-oracle-plugin-1.7.0.99-1jpp.1.el5_11")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"i586", reference:"java-1.7.0-oracle-src-1.7.0.99-1jpp.1.el5_11")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.7.0-oracle-src-1.7.0.99-1jpp.1.el5_11")) flag++;

  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"java-1.7.0-oracle-1.7.0.99-1jpp.1.el6_7")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"java-1.7.0-oracle-1.7.0.99-1jpp.1.el6_7")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"java-1.7.0-oracle-devel-1.7.0.99-1jpp.1.el6_7")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"java-1.7.0-oracle-devel-1.7.0.99-1jpp.1.el6_7")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"java-1.7.0-oracle-javafx-1.7.0.99-1jpp.1.el6_7")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"java-1.7.0-oracle-javafx-1.7.0.99-1jpp.1.el6_7")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"java-1.7.0-oracle-jdbc-1.7.0.99-1jpp.1.el6_7")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"java-1.7.0-oracle-jdbc-1.7.0.99-1jpp.1.el6_7")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"java-1.7.0-oracle-plugin-1.7.0.99-1jpp.1.el6_7")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"java-1.7.0-oracle-plugin-1.7.0.99-1jpp.1.el6_7")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"i686", reference:"java-1.7.0-oracle-src-1.7.0.99-1jpp.1.el6_7")) flag++;
  if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"java-1.7.0-oracle-src-1.7.0.99-1jpp.1.el6_7")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"i686", reference:"java-1.7.0-oracle-1.7.0.99-1jpp.1.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"java-1.7.0-oracle-1.7.0.99-1jpp.1.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"i686", reference:"java-1.7.0-oracle-devel-1.7.0.99-1jpp.1.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"java-1.7.0-oracle-devel-1.7.0.99-1jpp.1.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"java-1.7.0-oracle-javafx-1.7.0.99-1jpp.1.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"java-1.7.0-oracle-jdbc-1.7.0.99-1jpp.1.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"java-1.7.0-oracle-plugin-1.7.0.99-1jpp.1.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"java-1.7.0-oracle-src-1.7.0.99-1jpp.1.el7")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.7.0-oracle / java-1.7.0-oracle-devel / etc");
  }
}
```

- NASL family: SuSE Local Security Checks
- NASL id: OPENSUSE-2016-457.NASL
- description: This update for java-1_7_0-openjdk fixes the following issues : java-1_7_0-openjdk was updated to 2.6.5 - OpenJDK 7u99 (boo#972468)
  - Security fixes
  - S8152335, CVE-2016-0636: Improve MethodHandle consistency
  - Import of OpenJDK 7 u99 build 0
  - S6425769, PR2858: Allow specifying an address to bind JMX remote connector
  - S6961123: setWMClass fails to null-terminate WM_CLASS string
  - S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently
  - S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses
  - Backports
  - S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions
  - S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp
  - S8071705. PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically
  - S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell
  - Bug fixes
  - PR2803: Make system CUPS optional
  - PR2886: Location of
- last seen: 2020-06-05
- modified: 2016-04-15
- plugin id: 90529
- published: 2016-04-15
- reporter: This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/90529
- title: openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-457)
- code:

```
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2016-457.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

# Plugin metadata; this branch only registers the description and exits.
if (description)
{
  script_id(90529);
  script_version("2.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");

  script_cve_id("CVE-2016-0636");

  script_name(english:"openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-457)");
  script_summary(english:"Check for the openSUSE-2016-457 patch");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"This update for java-1_7_0-openjdk fixes the following issues :

java-1_7_0-openjdk was updated to 2.6.5 - OpenJDK 7u99 (boo#972468)
  - Security fixes
  - S8152335, CVE-2016-0636: Improve MethodHandle consistency
  - Import of OpenJDK 7 u99 build 0
  - S6425769, PR2858: Allow specifying an address to bind JMX remote connector
  - S6961123: setWMClass fails to null-terminate WM_CLASS string
  - S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently
  - S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses
  - Backports
  - S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions
  - S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp
  - S8071705. PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically
  - S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell
  - Bug fixes
  - PR2803: Make system CUPS optional
  - PR2886: Location of 'stap' executable is hard-coded
  - PR2893: test/tapset/jstaptest.pl should be executable
  - PR2894: Add missing test directory in make check.
  - CACAO
  - PR2781, CA195: typeinfo.cpp: typeinfo_merge_nonarrays: Assertion `dest && result && x.any && y.any' failed
  - AArch64 port
  - PR2852: Add support for large code cache
  - PR2852: Apply ReservedCodeCacheSize default limiting to AArch64 only.
  - S8081289, PR2852: aarch64: add support for RewriteFrequentPairs in interpreter
  - S8131483, PR2852: aarch64: illegal stlxr instructions
  - S8133352, PR2852: aarch64: generates constrained unpredictable instructions
  - S8133842, PR2852: aarch64: C2 generates illegal instructions with int shifts >=32
  - S8134322, PR2852: AArch64: Fix several errors in C2 biased locking implementation
  - S8136615, PR2852: aarch64: elide DecodeN when followed by CmpP 0
  - S8138575, PR2852: Improve generated code for profile counters
  - S8138641, PR2852: Disable C2 peephole by default for aarch64
  - S8138966, PR2852: Intermittent SEGV running ParallelGC
  - S8143067, PR2852: aarch64: guarantee failure in javac
  - S8143285, PR2852: aarch64: Missing load acquire when checking if ConstantPoolCacheEntry is resolved
  - S8143584, PR2852: Load constant pool tag and class status with load acquire
  - S8144201, PR2852: aarch64: jdk/test/com/sun/net/httpserver/Test6a.java fails with --enable-unlimited-crypto
  - S8144582, PR2852: AArch64 does not generate correct branch profile data
  - S8146709, PR2852: AArch64: Incorrect use of ADRP for byte_map_base
  - S8147805, PR2852: aarch64: C1 segmentation fault due to inline Unsafe.getAndSetObject
  - S8148240, PR2852: aarch64: random infrequent NULL pointer exceptions in javac
  - PPC & AIX port
  - S8034797, PR2851: AIX: Fix os::naked_short_sleep() in os_aix.cpp after 8028280
  - S8139258, PR2851: PPC64LE: argument passing problem when passing 15 floats in native call
  - S8139421, PR2851: PPC64LE: MacroAssembler::bxx64_patchable kill register R12

Update to 2.6.5 - OpenJDK 7u99 (boo#972468)
  - Security fixes
  - S8152335, CVE-2016-0636: Improve MethodHandle consistency
  - Import of OpenJDK 7 u99 build 0
  - S6425769, PR2858: Allow specifying an address to bind JMX remote connector
  - S6961123: setWMClass fails to null-terminate WM_CLASS string
  - S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently
  - S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses
  - Backports
  - S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions
  - S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp
  - S8071705. PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically
  - S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell
  - Bug fixes
  - PR2803: Make system CUPS optional
  - PR2886: Location of 'stap' executable is hard-coded
  - PR2893: test/tapset/jstaptest.pl should be executable
  - PR2894: Add missing test directory in make check.
  - CACAO
  - PR2781, CA195: typeinfo.cpp: typeinfo_merge_nonarrays: Assertion `dest && result && x.any && y.any' failed
  - AArch64 port
  - PR2852: Add support for large code cache
  - PR2852: Apply ReservedCodeCacheSize default limiting to AArch64 only.
  - S8081289, PR2852: aarch64: add support for RewriteFrequentPairs in interpreter
  - S8131483, PR2852: aarch64: illegal stlxr instructions
  - S8133352, PR2852: aarch64: generates constrained unpredictable instructions
  - S8133842, PR2852: aarch64: C2 generates illegal instructions with int shifts >=32
  - S8134322, PR2852: AArch64: Fix several errors in C2 biased locking implementation
  - S8136615, PR2852: aarch64: elide DecodeN when followed by CmpP 0
  - S8138575, PR2852: Improve generated code for profile counters
  - S8138641, PR2852: Disable C2 peephole by default for aarch64
  - S8138966, PR2852: Intermittent SEGV running ParallelGC
  - S8143067, PR2852: aarch64: guarantee failure in javac
  - S8143285, PR2852: aarch64: Missing load acquire when checking if ConstantPoolCacheEntry is resolved
  - S8143584, PR2852: Load constant pool tag and class status with load acquire
  - S8144201, PR2852: aarch64: jdk/test/com/sun/net/httpserver/Test6a.java fails with --enable-unlimited-crypto
  - S8144582, PR2852: AArch64 does not generate correct branch profile data
  - S8146709, PR2852: AArch64: Incorrect use of ADRP for byte_map_base
  - S8147805, PR2852: aarch64: C1 segmentation fault due to inline Unsafe.getAndSetObject
  - S8148240, PR2852: aarch64: random infrequent NULL pointer exceptions in javac
  - PPC & AIX port
  - S8034797, PR2851: AIX: Fix os::naked_short_sleep() in os_aix.cpp after 8028280
  - S8139258, PR2851: PPC64LE: argument passing problem when passing 15 floats in native call
  - S8139421, PR2851: PPC64LE: MacroAssembler::bxx64_patchable kill register R12"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=972468"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected java-1_7_0-openjdk packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-accessibility");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-demo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-headless");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-headless-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-src");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/04/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# Preconditions: local checks enabled, openSUSE 13.1 (not SLED/SLES),
# package list collected, and an x86 architecture.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

# Check each installed package against the fixed build.
flag = 0;

if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-1.7.0.99-24.33.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-accessibility-1.7.0.99-24.33.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-debuginfo-1.7.0.99-24.33.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-debugsource-1.7.0.99-24.33.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-demo-1.7.0.99-24.33.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-demo-debuginfo-1.7.0.99-24.33.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-devel-1.7.0.99-24.33.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-devel-debuginfo-1.7.0.99-24.33.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-headless-1.7.0.99-24.33.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-headless-debuginfo-1.7.0.99-24.33.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-javadoc-1.7.0.99-24.33.2") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-src-1.7.0.99-24.33.2") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1_7_0-openjdk / java-1_7_0-openjdk-accessibility / etc");
}
```

- NASL family: CentOS Local Security Checks
- NASL id: CENTOS_RHSA-2016-0511.NASL
- description: An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit for compiling and executing Java programs. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 90156
- published: 2016-03-25
- reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/90156
- title: CentOS 6 : java-1.7.0-openjdk (CESA-2016:0511)
- code:

```
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2016:0511 and
# CentOS Errata and Security Advisory 2016:0511 respectively.
#

include("compat.inc");

# Plugin metadata; this branch only registers the description and exits.
if (description)
{
  script_id(90156);
  script_version("2.10");
  script_cvs_date("Date: 2020/01/02");

  script_cve_id("CVE-2016-0636");
  script_xref(name:"RHSA", value:"2016:0511");

  script_name(english:"CentOS 6 : java-1.7.0-openjdk (CESA-2016:0511)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote CentOS host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"An update for java-1.7.0-openjdk is now available for Red Hat
Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security
impact of Critical. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime
Environment and the OpenJDK 7 Java Software Development Kit for
compiling and executing Java programs.

Security Fix(es) :

* An improper type safety check was discovered in the Hotspot
component. An untrusted Java application or applet could use this flaw
to bypass Java Sandbox restrictions. (CVE-2016-0636)"
  );
  # https://lists.centos.org/pipermail/centos-announce/2016-March/021772.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?a9128a65"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected java-1.7.0-openjdk packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-0636");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:java-1.7.0-openjdk-src");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/03/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/03/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/25");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"CentOS Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# Preconditions: local checks enabled, CentOS 6.x, package list collected,
# and an x86 architecture.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 6.x", "CentOS " + os_ver);

if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);

# Check each installed package against the fixed build.
flag = 0;
if (rpm_check(release:"CentOS-6", reference:"java-1.7.0-openjdk-1.7.0.99-2.6.5.0.el6_7")) flag++;
if (rpm_check(release:"CentOS-6", reference:"java-1.7.0-openjdk-demo-1.7.0.99-2.6.5.0.el6_7")) flag++;
if (rpm_check(release:"CentOS-6", reference:"java-1.7.0-openjdk-devel-1.7.0.99-2.6.5.0.el6_7")) flag++;
if (rpm_check(release:"CentOS-6", reference:"java-1.7.0-openjdk-javadoc-1.7.0.99-2.6.5.0.el6_7")) flag++;
if (rpm_check(release:"CentOS-6", reference:"java-1.7.0-openjdk-src-1.7.0.99-2.6.5.0.el6_7")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.7.0-openjdk / java-1.7.0-openjdk-demo / etc");
}
```

- NASL family: Debian Local Security Checks
- NASL id: DEBIAN_DSA-3558.NASL
- description: Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, denial of service or information disclosure.
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 90725
- published: 2016-04-27
- reporter: This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/90725
- title: Debian DSA-3558-1 : openjdk-7 - security update
- code:

```
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-3558. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

# Plugin metadata; this branch only registers the description and exits.
if (description)
{
  script_id(90725);
  script_version("2.9");
  script_cvs_date("Date: 2018/11/10 11:49:37");

  script_cve_id("CVE-2016-0636", "CVE-2016-0686", "CVE-2016-0687", "CVE-2016-0695", "CVE-2016-3425", "CVE-2016-3426", "CVE-2016-3427");
  script_xref(name:"DSA", value:"3558");

  script_name(english:"Debian DSA-3558-1 : openjdk-7 - security update");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in breakouts of
the Java sandbox, denial of service or information disclosure."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/jessie/openjdk-7"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2016/dsa-3558"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"Upgrade the openjdk-7 packages.

For the stable distribution (jessie), these problems have been fixed
in version 7u101-2.6.6-1~deb8u1."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openjdk-7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/04/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/27");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include("audit.inc");
include("debian_package.inc");

# Preconditions: local checks enabled, Debian host, dpkg list collected.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Check each installed package against the fixed version for Debian 8.0.
flag = 0;
if (deb_check(release:"8.0", prefix:"icedtea-7-jre-jamvm", reference:"7u101-2.6.6-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"openjdk-7-dbg", reference:"7u101-2.6.6-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"openjdk-7-demo", reference:"7u101-2.6.6-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"openjdk-7-doc", reference:"7u101-2.6.6-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"openjdk-7-jdk", reference:"7u101-2.6.6-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"openjdk-7-jre", reference:"7u101-2.6.6-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"openjdk-7-jre-headless", reference:"7u101-2.6.6-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"openjdk-7-jre-lib", reference:"7u101-2.6.6-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"openjdk-7-jre-zero", reference:"7u101-2.6.6-1~deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"openjdk-7-source", reference:"7u101-2.6.6-1~deb8u1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
```


NASL family Huawei Local Security Checks
NASL id EULEROS_SA-2016-1010.NASL
description According to the version of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen 2020-05-06
modified 2017-05-01
plugin id 99773
published 2017-05-01
reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/99773
title EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2016-1010)

NASL family Scientific Linux Local Security Checks
NASL id SL_20160325_JAVA_1_8_0_OPENJDK_ON_SL7_X.NASL
description Security Fix(es) : - An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-03-18
modified 2016-03-28
plugin id 90244
published 2016-03-28
reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90244
title Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20160325)

NASL family CentOS Local Security Checks
NASL id CENTOS_RHSA-2016-0513.NASL
description An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages contain the latest version of the Open Java Development Kit (OpenJDK), OpenJDK 8. These packages provide a fully compliant implementation of Java SE 8. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90158
published 2016-03-25
reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90158
title CentOS 7 : java-1.8.0-openjdk (CESA-2016:0513)

NASL family CentOS Local Security Checks
NASL id CENTOS_RHSA-2016-0512.NASL
description An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit for compiling and executing Java programs. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90157
published 2016-03-25
reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90157
title CentOS 5 / 7 : java-1.7.0-openjdk (CESA-2016:0512)

NASL family Gentoo Local Security Checks
NASL id GENTOO_GLSA-201610-08.NASL
description The remote host is affected by the vulnerability described in GLSA-201610-08 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities exist in both Oracle’s JRE and JDK. Please review the referenced CVE’s for additional information. Impact : Remote attackers could gain access to information, remotely execute arbitrary code, or cause Denial of Service. Workaround : There is no known workaround at this time.
last seen 2020-06-01
modified 2020-06-02
plugin id 94085
published 2016-10-17
reporter This script is Copyright (C) 2016 Tenable Network Security, Inc.
source https://www.tenable.com/plugins/nessus/94085
title GLSA-201610-08 : Oracle JRE/JDK: Multiple vulnerabilities

NASL family SuSE Local Security Checks
NASL id SUSE_SU-2016-0959-1.NASL
description The OpenJDK Java java-1_7_0-openjdk was updated to 2.6.5 to fix the following issues : Update to 2.6.5 - OpenJDK 7u99 (bsc#972468) - Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency - Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remote connector - S6961123: setWMClass fails to null-terminate WM_CLASS string - S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently - S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses - Backports - S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions - S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp - S8071705. PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically - S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell - Bug fixes - PR2803: Make system CUPS optional - PR2886: Location of
last seen 2020-06-01
modified 2020-06-02
plugin id 90399
published 2016-04-07
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90399
title SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0959-1)

NASL family Red Hat Local Security Checks
NASL id REDHAT-RHSA-2016-0514.NASL
description An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages contain the latest version of the Open Java Development Kit (OpenJDK), OpenJDK 8. These packages provide a fully compliant implementation of Java SE 8. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90182
published 2016-03-25
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90182
title RHEL 6 : java-1.8.0-openjdk (RHSA-2016:0514)

NASL family Windows
NASL id ORACLE_JAVA_SE_CVE-2016-0636.NASL
description The version of Oracle Java SE or Java for Business installed on the remote host is affected by an arbitrary code execution vulnerability in the Hotspot subcomponent due to an unsafe implementation of the Reflection API, which improperly processes JSR 292 method handles due to a lack of enforcement of class loader constraints. A remote attacker can exploit this, by convincing a user to visit a malicious web page, to execute arbitrary code outside the Java sandbox.
last seen 2020-06-01
modified 2020-06-02
plugin id 90828
published 2016-05-02
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90828
title Oracle Java SE Hotspot JSR 292 Method Handles RCE

NASL family Red Hat Local Security Checks
NASL id REDHAT-RHSA-2016-0513.NASL
description An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages contain the latest version of the Open Java Development Kit (OpenJDK), OpenJDK 8. These packages provide a fully compliant implementation of Java SE 8. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90181
published 2016-03-25
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90181
title RHEL 7 : java-1.8.0-openjdk (RHSA-2016:0513)

NASL family Gentoo Local Security Checks
NASL id GENTOO_GLSA-201606-18.NASL
description The remote host is affected by the vulnerability described in GLSA-201606-18 (IcedTea: Multiple vulnerabilities) Various OpenJDK attack vectors in IcedTea, such as 2D, Corba, Hotspot, Libraries, and JAXP, exist which allows remote attackers to affect the confidentiality, integrity, and availability of vulnerable systems. Many of the vulnerabilities can only be exploited through sandboxed Java Web Start applications and java applets. Please review the CVE identifiers referenced below for details. Impact : Remote attackers may execute arbitrary code, compromise information, or cause Denial of Service. Workaround : There is no known work around at this time.
last seen 2020-06-01
modified 2020-06-02
plugin id 91863
published 2016-06-28
reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
source https://www.tenable.com/plugins/nessus/91863
title GLSA-201606-18 : IcedTea: Multiple vulnerabilities

NASL family Scientific Linux Local Security Checks
NASL id SL_20160325_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL
description Security Fix(es) : - An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-03-18
modified 2016-03-28
plugin id 90243
published 2016-03-28
reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90243
title Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20160325)

NASL family Scientific Linux Local Security Checks
NASL id SL_20160325_JAVA_1_7_0_OPENJDK_ON_SL6_X.NASL
description Security Fix(es) : - An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-03-18
modified 2016-03-28
plugin id 90242
published 2016-03-28
reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90242
title Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20160325)

NASL family Debian Local Security Checks
NASL id DEBIAN_DLA-451.NASL
description Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, denial of service or information disclosure. For Debian 7
last seen 2020-03-17
modified 2016-05-04
plugin id 90869
published 2016-05-04
reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
source https://www.tenable.com/plugins/nessus/90869
title Debian DLA-451-1 : openjdk-7 security update

NASL family Oracle Linux Local Security Checks
NASL id ORACLELINUX_ELSA-2016-0513.NASL
description From Red Hat Security Advisory 2016:0513 : An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages contain the latest version of the Open Java Development Kit (OpenJDK), OpenJDK 8. These packages provide a fully compliant implementation of Java SE 8. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90176
published 2016-03-25
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90176
title Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2016-0513)

NASL family SuSE Local Security Checks
NASL id SUSE_SU-2016-0956-1.NASL
description The OpenJDK Java java-1_7_0-openjdk was updated to 2.6.5 to fix the following issues : Update to 2.6.5 - OpenJDK 7u99 (bsc#972468) - Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency, which could be used by attackers to inject code. - Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remote connector - S6961123: setWMClass fails to null-terminate WM_CLASS string - S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently - S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses - Backports - S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions - S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp - S8071705. PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically - S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell - Bug fixes - PR2803: Make system CUPS optional - PR2886: Location of
last seen 2020-06-01
modified 2020-06-02
plugin id 90397
published 2016-04-07
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90397
title SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0956-1)

NASL family Ubuntu Local Security Checks
NASL id UBUNTU_USN-2942-1.NASL
description A vulnerability was discovered in the JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen 2020-06-01
modified 2020-06-02
plugin id 90245
published 2016-03-28
reporter Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90245
title Ubuntu 14.04 LTS / 15.10 : openjdk-7 vulnerability (USN-2942-1)

NASL family Oracle Linux Local Security Checks
NASL id ORACLELINUX_ELSA-2016-0512.NASL
description From Red Hat Security Advisory 2016:0512 : An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit for compiling and executing Java programs. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90175
published 2016-03-25
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90175
title Oracle Linux 5 / 7 : java-1.7.0-openjdk (ELSA-2016-0512)

NASL family CentOS Local Security Checks
NASL id CENTOS_RHSA-2016-0514.NASL
description An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages contain the latest version of the Open Java Development Kit (OpenJDK), OpenJDK 8. These packages provide a fully compliant implementation of Java SE 8. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90159
published 2016-03-25
reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90159
title CentOS 6 : java-1.8.0-openjdk (CESA-2016:0514)

NASL family Oracle Linux Local Security Checks
NASL id ORACLELINUX_ELSA-2016-0511.NASL
description From Red Hat Security Advisory 2016:0511 : An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit for compiling and executing Java programs. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90174
published 2016-03-25
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90174
title Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2016-0511)

NASL family Red Hat Local Security Checks
NASL id REDHAT-RHSA-2016-0516.NASL
description An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Java Runtime Environment (JRE) contains the software and tools that users need to run applets and applications written using the Java programming language. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update provides Oracle Java 8 Update 77. Security Fix(es) : This update fixes one vulnerability in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about this flaw can be found on the Oracle Security Alert page listed in the References section. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90184
published 2016-03-25
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90184
title RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:0516)

NASL family Red Hat Local Security Checks
NASL id REDHAT-RHSA-2016-0511.NASL
description An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit for compiling and executing Java programs. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90179
published 2016-03-25
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90179
title RHEL 6 : java-1.7.0-openjdk (RHSA-2016:0511)

NASL family SuSE Local Security Checks
NASL id OPENSUSE-2016-432.NASL
description This update of java-1_8_0-openjdk to jdk8u77-b03 fixes the following issues : - CVE-2016-0636: Improve MethodHandle consistency fixes crash / code execution problems.
last seen 2020-06-05
modified 2016-04-13
plugin id 90475
published 2016-04-13
reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
source https://www.tenable.com/plugins/nessus/90475
title openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-432)

NASL family Oracle Linux Local Security Checks
NASL id ORACLELINUX_ELSA-2016-0514.NASL
description From Red Hat Security Advisory 2016:0514 : An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages contain the latest version of the Open Java Development Kit (OpenJDK), OpenJDK 8. These packages provide a fully compliant implementation of Java SE 8. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90177
published 2016-03-25
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90177
title Oracle Linux 6 : java-1.8.0-openjdk (ELSA-2016-0514)

NASL family SuSE Local Security Checks
NASL id OPENSUSE-2016-443.NASL
description This update for java-1_8_0-openjdk to version jdk8u77-b03 fixes the following security issue : - CVE-2016-0636: Improve MethodHandle consistency, which had allowed attackers to execute code. (bsc#972468) This update was imported from the SUSE:SLE-12-SP1:Update update project.
last seen 2020-06-05
modified 2016-04-13
plugin id 90480
published 2016-04-13
reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
source https://www.tenable.com/plugins/nessus/90480
title openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-443)

NASL family SuSE Local Security Checks
NASL id OPENSUSE-2016-444.NASL
description The OpenJDK Java java-1_7_0-openjdk was updated to 2.6.5 to fix the following issues : Update to 2.6.5 - OpenJDK 7u99 (bsc#972468) - Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency - Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remote connector - S6961123: setWMClass fails to null-terminate WM_CLASS string - S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently - S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses - Backports - S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions - S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp - S8071705. PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically - S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell - Bug fixes - PR2803: Make system CUPS optional - PR2886: Location of
last seen 2020-06-05
modified 2016-04-13
plugin id 90481
published 2016-04-13
reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
source https://www.tenable.com/plugins/nessus/90481
title openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-444)

NASL family Red Hat Local Security Checks
NASL id REDHAT-RHSA-2016-0512.NASL
description An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit for compiling and executing Java programs. Security Fix(es) : * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-06-01
modified 2020-06-02
plugin id 90180
published 2016-03-25
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90180
title RHEL 5 / 7 : java-1.7.0-openjdk (RHSA-2016:0512)

NASL family Amazon Linux Local Security Checks
NASL id ALA_ALAS-2016-677.NASL
description An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions.
last seen 2020-06-01
modified 2020-06-02
plugin id 90270
published 2016-04-01
reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
source https://www.tenable.com/plugins/nessus/90270
title Amazon Linux AMI : java-1.8.0-openjdk / java-1.7.0-openjdk (ALAS-2016-677)

NASL family SuSE Local Security Checks
NASL id SUSE_SU-2016-0957-1.NASL
description This update for java-1_8_0-openjdk to version jdk8u77-b03 fixes the following security issue : - CVE-2016-0636: Improve MethodHandle consistency, which had allowed attackers to execute code. (bsc#972468) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen 2020-06-01
modified 2020-06-02
plugin id 90398
published 2016-04-07
reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90398
title SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:0957-1)

NASL family SuSE Local Security Checks
NASL id OPENSUSE-2016-431.NASL
description This update for java-1_7_0-openjdk fixes the following issues : java-1_7_0-openjdk was updated to 2.6.5 - OpenJDK 7u99 (boo#972468) - Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency - Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remote connector - S6961123: setWMClass fails to null-terminate WM_CLASS string - S8145982, PR2858: JMXInterfaceBindingTest is failing intermittently - S8146015, PR2858: JMXInterfaceBindingTest is failing intermittently for IPv6 addresses - Backports - S8028727, PR2814: [parfait] warnings from b116 for jdk.src.share.native.sun.security.ec: JNI pending exceptions - S8048512, PR2814: Uninitialised memory in jdk/src/share/native/sun/security/ec/ECC_JNI.cpp - S8071705. PR2819, RH1182694: Java application menu misbehaves when running multiple screen stacked vertically - S8150954, PR2866, RH1176206: AWT Robot not compatible with GNOME Shell - Bug fixes - PR2803: Make system CUPS optional - PR2886: Location of
last seen 2020-06-05
modified 2016-04-08
plugin id 90419
published 2016-04-08
reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
source https://www.tenable.com/plugins/nessus/90419
title openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-431)

NASL family Scientific Linux Local Security Checks
NASL id SL_20160325_JAVA_1_7_0_OPENJDK_ON_SL5_X.NASL
description Security Fix(es) : - An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
last seen 2020-03-18
modified 2016-03-28
plugin id 90241
published 2016-03-28
reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source https://www.tenable.com/plugins/nessus/90241
title Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x, SL7.x i386/x86_64 (20160325)

References
- http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html
- http://rhn.redhat.com/errata/RHSA-2016-0516.html
- https://security.gentoo.org/glsa/201606-18
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.securityfocus.com/bid/85376
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00008.html
- http://www.ubuntu.com/usn/USN-2942-1
- http://rhn.redhat.com/errata/RHSA-2016-0512.html
- http://rhn.redhat.com/errata/RHSA-2016-0511.html
- http://rhn.redhat.com/errata/RHSA-2016-0513.html
- http://www.securitytracker.com/id/1035401
- http://www.debian.org/security/2016/dsa-3558
- http://rhn.redhat.com/errata/RHSA-2016-0514.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00035.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00013.html
- http://rhn.redhat.com/errata/RHSA-2016-0515.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00005.html
- https://security.gentoo.org/glsa/201610-08
- https://security.netapp.com/advisory/ntap-20160328-0001/