CVE-2016-0695

CVSS 2.6 - LOW
Attack vector: NETWORK
Attack complexity: HIGH
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: NONE
Availability impact: NONE

Summary

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.

Nessus

  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2016-1248-1.NASL
    description: This update for java-1_8_0-openjdk fixes the following security issues - April 2016 Oracle CPU (bsc#976340) :
      - CVE-2016-0686: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.
      - CVE-2016-0687: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component
      - CVE-2016-0695: Unspecified vulnerability allowed remote attackers to affect confidentiality via vectors related to the Security Component
      - CVE-2016-3425: Unspecified vulnerability allowed remote attackers to affect availability via vectors related to JAXP
      - CVE-2016-3426: Unspecified vulnerability allowed remote attackers to affect confidentiality via vectors related to JCE
      - CVE-2016-3427: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX
      Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90992
    published: 2016-05-09
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90992
    title: SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:1248-1)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2016:1248-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(90992);
      script_version("2.7");
      script_cvs_date("Date: 2019/09/11 11:22:13");
    
      script_cve_id("CVE-2016-0686", "CVE-2016-0687", "CVE-2016-0695", "CVE-2016-3425", "CVE-2016-3426", "CVE-2016-3427");
    
      script_name(english:"SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:1248-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for java-1_8_0-openjdk fixes the following security issues
    - April 2016 Oracle CPU (bsc#976340) :
    
      - CVE-2016-0686: Unspecified vulnerability allowed remote
        attackers to affect confidentiality, integrity, and
        availability via vectors related to Serialization.
    
      - CVE-2016-0687: Unspecified vulnerability allowed remote
        attackers to affect confidentiality, integrity, and
        availability via vectors related to the Hotspot
        sub-component
    
      - CVE-2016-0695: Unspecified vulnerability allowed remote
        attackers to affect confidentiality via vectors related
        to the Security Component
    
      - CVE-2016-3425: Unspecified vulnerability allowed remote
        attackers to affect availability via vectors related to
        JAXP
    
      - CVE-2016-3426: Unspecified vulnerability allowed remote
        attackers to affect confidentiality via vectors related
        to JCE
    
      - CVE-2016-3427: Unspecified vulnerability allowed remote
        attackers to affect confidentiality, integrity, and
        availability via vectors related to JMX
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=976340"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-0686/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-0687/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-0695/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-3425/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-3426/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-3427/"
      );
      # https://www.suse.com/support/update/announcement/2016/suse-su-20161248-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?27135751"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server 12-SP1 :
    
    zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-724=1
    
    SUSE Linux Enterprise Desktop 12-SP1 :
    
    zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-724=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/04/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/05/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/09");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP1", os_ver + " SP" + sp);
    if (os_ver == "SLED12" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP1", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-debuginfo-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-debugsource-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-demo-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-demo-debuginfo-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-devel-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-headless-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"java-1_8_0-openjdk-headless-debuginfo-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"java-1_8_0-openjdk-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"java-1_8_0-openjdk-debuginfo-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"java-1_8_0-openjdk-debugsource-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"java-1_8_0-openjdk-headless-1.8.0.91-11.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"java-1_8_0-openjdk-headless-debuginfo-1.8.0.91-11.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1_8_0-openjdk");
    }
    
  • NASL family: Windows
    NASL id: ORACLE_JROCKIT_CPU_APR_2016.NASL
    description: The version of Oracle JRockit installed on the remote Windows host is 28.3.9. It is, therefore, affected by multiple vulnerabilities :
      - An unspecified flaw exists related to the Security subcomponent that allows a remote attacker to access potentially sensitive information. No other details are available. (CVE-2016-0695)
      - An unspecified flaw exists related to the JAXP subcomponent that allows a remote attacker to cause a denial of service. No other details are available. (CVE-2016-3425)
      - An unspecified flaw exists related to the JMX subcomponent that allows a remote attacker to execute arbitrary code. No other details are available. (CVE-2016-3427)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90604
    published: 2016-04-20
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90604
    title: Oracle JRockit R28.3.9 Multiple Vulnerabilities (April 2016 CPU)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(90604);
      script_version("1.8");
      script_cvs_date("Date: 2019/11/20");
    
      script_cve_id("CVE-2016-0695", "CVE-2016-3425", "CVE-2016-3427");
    
      script_name(english:"Oracle JRockit R28.3.9 Multiple Vulnerabilities (April 2016 CPU)");
      script_summary(english:"Checks the version of jvm.dll.");
    
      script_set_attribute(attribute:"synopsis", value:
    "A programming platform installed on the remote Windows host is
    affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of Oracle JRockit installed on the remote Windows host is
    28.3.9. It is, therefore, affected by multiple vulnerabilities :
    
      - An unspecified flaw exists related to the Security
        subcomponent that allows a remote attacker to access
        potentially sensitive information. No other details are
        available. (CVE-2016-0695)
    
      - An unspecified flaw exists related to the JAXP
        subcomponent that allows a remote attacker to cause a
        denial of service. No other details are available.
        (CVE-2016-3425)
    
      - An unspecified flaw exists related to the JMX
        subcomponent that allows a remote attacker to execute
        arbitrary code. No other details are available.
        (CVE-2016-3427)");
      # https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ffb7b96f");
      # https://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?84e0e8de");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Oracle JRockit version R28.3.10 or later as referenced in
    the April 2016 Oracle Critical Patch Update advisory.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-3427");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/04/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/04/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/20");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:jrockit");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("oracle_jrockit_installed.nasl");
      script_require_keys("installed_sw/Oracle JRockit");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("install_func.inc");
    
    app     = "Oracle JRockit";
    install = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);
    ver     = install['version'];
    type    = install['type'];
    path    = install['path'];
    
    if (ver =~ "^28(\.3)?$") audit(AUDIT_VER_NOT_GRANULAR, app, ver);
    if (ver !~ "^28\.3($|[^0-9])") audit(AUDIT_NOT_INST, app + " 28.3.x");
    
    # Affected :
    # 28.3.9
    if (ver =~ "^28\.3\.9($|[^0-9])")
    {
      port = get_kb_item("SMB/transport");
      if (!port) port = 445;
    
      if (report_verbosity > 0)
      {
        # The DLL we're looking at is a level deeper in the JDK, since it
        # keeps a subset of the JRE in a subdirectory.
        if (type == "JDK")  path += "\jre";
        path += "\bin\jrockit\jvm.dll";
    
        report =
          '\n  Type              : ' + type +
          '\n  Path              : ' + path +
          '\n  Installed version : ' + ver  +
          '\n  Fixed version     : 28.3.10'  +
          '\n';
        security_hole(port:port, extra:report);
      }
      else security_hole(port);
    }
    else audit(AUDIT_INST_PATH_NOT_VULN, app, ver, path);
    
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2016-0675.NASL
    description: From Red Hat Security Advisory 2016:0675 : An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) :
      * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687)
      * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)
      * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425)
      * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
      Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90666
    published: 2016-04-22
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90666
    title: Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2016-0675)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2016:0675 and 
    # Oracle Linux Security Advisory ELSA-2016-0675 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(90666);
      script_version("2.8");
      script_cvs_date("Date: 2019/09/27 13:00:37");
    
      script_cve_id("CVE-2016-0686", "CVE-2016-0687", "CVE-2016-0695", "CVE-2016-3425", "CVE-2016-3427");
      script_xref(name:"RHSA", value:"2016:0675");
    
      script_name(english:"Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2016-0675)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2016:0675 :
    
    An update for java-1.7.0-openjdk is now available for Red Hat
    Enterprise Linux 6.
    
    Red Hat Product Security has rated this update as having a security
    impact of Critical. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime
    Environment and the OpenJDK 7 Java Software Development Kit.
    
    Security Fix(es) :
    
    * Multiple flaws were discovered in the Serialization and Hotspot
    components in OpenJDK. An untrusted Java application or applet could
    use these flaws to completely bypass Java sandbox restrictions.
    (CVE-2016-0686, CVE-2016-0687)
    
    * It was discovered that the RMI server implementation in the JMX
    component in OpenJDK did not restrict which classes can be
    deserialized when deserializing authentication credentials. A remote,
    unauthenticated attacker able to connect to a JMX port could possibly
    use this flaw to trigger deserialization flaws. (CVE-2016-3427)
    
    * It was discovered that the JAXP component in OpenJDK failed to
    properly handle Unicode surrogate pairs used as part of the XML
    attribute values. Specially crafted XML input could cause a Java
    application to use an excessive amount of memory when parsed.
    (CVE-2016-3425)
    
    * It was discovered that the Security component in OpenJDK failed to
    check the digest algorithm strength when generating DSA signatures.
    The use of a digest weaker than the key strength could lead to the
    generation of signatures that were weaker than expected.
    (CVE-2016-0695)
    
    Note: If the web browser plug-in provided by the icedtea-web package
    was installed, the issues exposed via Java applets could have been
    exploited without user interaction if a user visited a malicious
    website."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2016-April/005957.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected java-1.7.0-openjdk packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:java-1.7.0-openjdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:java-1.7.0-openjdk-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:java-1.7.0-openjdk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:java-1.7.0-openjdk-javadoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:java-1.7.0-openjdk-src");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/04/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/04/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/22");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL6", reference:"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.0.1.el6_7")) flag++;
    if (rpm_check(release:"EL6", reference:"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.0.1.el6_7")) flag++;
    if (rpm_check(release:"EL6", reference:"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.0.1.el6_7")) flag++;
    if (rpm_check(release:"EL6", reference:"java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.0.1.el6_7")) flag++;
    if (rpm_check(release:"EL6", reference:"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.0.1.el6_7")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.7.0-openjdk / java-1.7.0-openjdk-demo / etc");
    }
    
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2016-560.NASL
    description: This update for java-1_7_0-openjdk to version 2.6.6 fixes five security issues. These security issues were fixed :
      - CVE-2016-0686: Ensure thread consistency (bsc#976340).
      - CVE-2016-0687: Better byte behavior (bsc#976340).
      - CVE-2016-0695: Make DSA more fair (bsc#976340).
      - CVE-2016-3425: Better buffering of XML strings (bsc#976340).
      - CVE-2016-3427: Improve JMX connections (bsc#976340).
    last seen: 2020-06-05
    modified: 2016-05-05
    plugin id: 90912
    published: 2016-05-05
    reporter: This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/90912
    title: openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-560)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2016-560.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(90912);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2016-0686", "CVE-2016-0687", "CVE-2016-0695", "CVE-2016-3425", "CVE-2016-3427");
    
      script_name(english:"openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-560)");
      script_summary(english:"Check for the openSUSE-2016-560 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for java-1_7_0-openjdk to version 2.6.6 fixes five
    security issues.
    
    These security issues were fixed :
    
      - CVE-2016-0686: Ensure thread consistency (bsc#976340).
    
      - CVE-2016-0687: Better byte behavior (bsc#976340).
    
      - CVE-2016-0695: Make DSA more fair (bsc#976340).
    
      - CVE-2016-3425: Better buffering of XML strings
        (bsc#976340).
    
      - CVE-2016-3427: Improve JMX connections (bsc#976340)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=976340"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected java-1_7_0-openjdk packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-accessibility");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-demo-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-headless");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-headless-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-javadoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_7_0-openjdk-src");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/05/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/05");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-1.7.0.101-24.36.2") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-accessibility-1.7.0.101-24.36.2") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-debuginfo-1.7.0.101-24.36.2") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-debugsource-1.7.0.101-24.36.2") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-demo-1.7.0.101-24.36.2") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-demo-debuginfo-1.7.0.101-24.36.2") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-devel-1.7.0.101-24.36.2") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-devel-debuginfo-1.7.0.101-24.36.2") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-headless-1.7.0.101-24.36.2") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-headless-debuginfo-1.7.0.101-24.36.2") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-javadoc-1.7.0.101-24.36.2") ) flag++;
    if ( rpm_check(release:"SUSE13.1", reference:"java-1_7_0-openjdk-src-1.7.0.101-24.36.2") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1_7_0-openjdk / java-1_7_0-openjdk-accessibility / etc");
    }
    
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2016-0676.NASL
    description: From Red Hat Security Advisory 2016:0676 : An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90667
    published: 2016-04-22
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90667
    title: Oracle Linux 5 / 7 : java-1.7.0-openjdk (ELSA-2016-0676)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-3558.NASL
    description: Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, denial of service or information disclosure.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90725
    published: 2016-04-27
    reporter: This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90725
    title: Debian DSA-3558-1 : openjdk-7 - security update
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2016-0723.NASL
    description: From Red Hat Security Advisory 2016:0723 : An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 91030
    published: 2016-05-11
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/91030
    title: Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2016-0723)
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2016-0650.NASL
    description: An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag. (CVE-2016-3426) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90634
    published: 2016-04-22
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90634
    title: CentOS 7 : java-1.8.0-openjdk (CESA-2016:0650)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2016-0723.NASL
    description: An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 91034
    published: 2016-05-11
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/91034
    title: RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2016:0723)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20160420_JAVA_1_8_0_OPENJDK_ON_SL7_X.NASL
    description: Security Fix(es) : - Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) - It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) - It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) - It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag. (CVE-2016-3426) - It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen: 2020-03-18
    modified: 2016-04-21
    plugin id: 90618
    published: 2016-04-21
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90618
    title: Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20160420)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2016-0678.NASL
    description: An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 5, Oracle Java for Red Hat Enterprise Linux 6, and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 101. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90671
    published: 2016-04-22
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90671
    title: RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:0678)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2016-0679.NASL
    description: An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 5, Oracle Java for Red Hat Enterprise Linux 6, and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 115. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90672
    published: 2016-04-22
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90672
    title: RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2016:0679)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20160421_JAVA_1_7_0_OPENJDK_ON_SL6_X.NASL
    description: Security Fix(es) : - Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) - It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) - It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) - It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen: 2020-03-18
    modified: 2016-04-22
    plugin id: 90674
    published: 2016-04-22
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90674
    title: Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20160421)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2016-554.NASL
    description: This update for java-1_8_0-openjdk fixes the following security issues - April 2016 Oracle CPU (bsc#976340) : - CVE-2016-0686: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. - CVE-2016-0687: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component - CVE-2016-0695: Unspecified vulnerability allowed remote attackers to affect confidentiality via vectors related to the Security Component - CVE-2016-3425: Unspecified vulnerability allowed remote attackers to affect availability via vectors related to JAXP - CVE-2016-3426: Unspecified vulnerability allowed remote attackers to affect confidentiality via vectors related to JCE - CVE-2016-3427: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX
    last seen: 2020-06-05
    modified: 2016-05-05
    plugin id: 90906
    published: 2016-05-05
    reporter: This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/90906
    title: openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-554)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2016-553.NASL
    description: This update for java-1_7_0-openjdk to version 2.6.6 fixes five security issues. These security issues were fixed : - CVE-2016-0686: Ensure thread consistency (bsc#976340). - CVE-2016-0687: Better byte behavior (bsc#976340). - CVE-2016-0695: Make DSA more fair (bsc#976340). - CVE-2016-3425: Better buffering of XML strings (bsc#976340). - CVE-2016-3427: Improve JMX connections (bsc#976340).
    last seen: 2020-06-05
    modified: 2016-05-05
    plugin id: 90905
    published: 2016-05-05
    reporter: This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/90905
    title: openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-553)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2016-0675.NASL
    description: An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90668
    published: 2016-04-22
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90668
    title: RHEL 6 : java-1.7.0-openjdk (RHSA-2016:0675)
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2016-0675.NASL
    description: An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90636
    published: 2016-04-22
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90636
    title: CentOS 6 : java-1.7.0-openjdk (CESA-2016:0675)
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-2964-1.NASL
    description: Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-0686, CVE-2016-0687, CVE-2016-3427) A vulnerability was discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit this to expose sensitive data over the network. (CVE-2016-0695) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2016-3425). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90918
    published: 2016-05-05
    reporter: Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90918
    title: Ubuntu 14.04 LTS / 15.10 : openjdk-7 vulnerabilities (USN-2964-1)
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2016-0676.NASL
    description: An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90637
    published: 2016-04-22
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90637
    title: CentOS 5 / 7 : java-1.7.0-openjdk (CESA-2016:0676)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20160421_JAVA_1_7_0_OPENJDK_ON_SL5_X.NASL
    description: Security Fix(es) : - Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) - It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) - It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) - It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen: 2020-03-18
    modified: 2016-04-22
    plugin id: 90673
    published: 2016-04-22
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90673
    title: Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x, SL7.x i386/x86_64 (20160421)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201606-18.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201606-18 (IcedTea: Multiple vulnerabilities) Various OpenJDK attack vectors in IcedTea, such as 2D, Corba, Hotspot, Libraries, and JAXP, exist which allows remote attackers to affect the confidentiality, integrity, and availability of vulnerable systems. Many of the vulnerabilities can only be exploited through sandboxed Java Web Start applications and java applets. Please review the CVE identifiers referenced below for details. Impact : Remote attackers may execute arbitrary code, compromise information, or cause Denial of Service. Workaround : There is no known work around at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 91863
    published: 2016-06-28
    reporter: This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/91863
    title: GLSA-201606-18 : IcedTea: Multiple vulnerabilities
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2016-572.NASL
    description: This update for java-1_8_0-openjdk fixes the following security issues - April 2016 Oracle CPU (bsc#976340) : - CVE-2016-0686: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. - CVE-2016-0687: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component - CVE-2016-0695: Unspecified vulnerability allowed remote attackers to affect confidentiality via vectors related to the Security Component - CVE-2016-3425: Unspecified vulnerability allowed remote attackers to affect availability via vectors related to JAXP - CVE-2016-3426: Unspecified vulnerability allowed remote attackers to affect confidentiality via vectors related to JCE - CVE-2016-3427: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen: 2020-06-05
    modified: 2016-05-09
    plugin id: 90984
    published: 2016-05-09
    reporter: This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/90984
    title: openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-572)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-0650.NASL
    descriptionAn update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag. (CVE-2016-3426) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen2020-06-01
    modified2020-06-02
    plugin id90615
    published2016-04-21
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90615
    titleRHEL 7 : java-1.8.0-openjdk (RHSA-2016:0650)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-0651.NASL
    descriptionFrom Red Hat Security Advisory 2016:0651 : An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag. (CVE-2016-3426) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen2020-06-01
    modified2020-06-02
    plugin id90614
    published2016-04-21
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90614
    titleOracle Linux 6 : java-1.8.0-openjdk (ELSA-2016-0651)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2963-1.NASL
    descriptionMultiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-0686, CVE-2016-0687, CVE-2016-3427) Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit this to expose sensitive data over the network. (CVE-2016-0695, CVE-2016-3426) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2016-3425). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id90917
    published2016-05-05
    reporterUbuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90917
    titleUbuntu 16.04 LTS : openjdk-8 vulnerabilities (USN-2963-1)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20160509_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL
    descriptionSecurity Fix(es) : - Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) - It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) - It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) - It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen2020-03-18
    modified2016-05-11
    plugin id91040
    published2016-05-11
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91040
    titleScientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20160509)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-451.NASL
    descriptionSeveral vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, denial of service or information disclosure. For Debian 7
    last seen2020-03-17
    modified2016-05-04
    plugin id90869
    published2016-05-04
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/90869
    titleDebian DLA-451-1 : openjdk-7 security update
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2016-700.NASL
    descriptionMultiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen2020-06-01
    modified2020-06-02
    plugin id91048
    published2016-05-12
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/91048
    titleAmazon Linux AMI : java-1.6.0-openjdk (ALAS-2016-700)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-1250-1.NASL
    descriptionThis update for java-1_7_0-openjdk to version 2.6.6 fixes five security issues. These security issues were fixed : - CVE-2016-0686: Ensure thread consistency (bsc#976340). - CVE-2016-0687: Better byte behavior (bsc#976340). - CVE-2016-0695: Make DSA more fair (bsc#976340). - CVE-2016-3425: Better buffering of XML strings (bsc#976340). - CVE-2016-3427: Improve JMX connections (bsc#976340). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id90993
    published2016-05-09
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90993
    titleSUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:1250-1)
  • NASL familyWindows
    NASL idORACLE_JAVA_CPU_APR_2016.NASL
    descriptionThe version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 91, 7 Update 101, or 6 Update 115. It is, therefore, affected by security vulnerabilities in the following subcomponents : - 2D - Deployment - Hotspot - JAXP - JCE - JMX - Security - Serialization
    last seen2020-06-01
    modified2020-06-02
    plugin id90625
    published2016-04-21
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90625
    titleOracle Java SE Multiple Vulnerabilities (April 2016 CPU)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-0677.NASL
    descriptionAn update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 91. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
    last seen2020-06-01
    modified2020-06-02
    plugin id90670
    published2016-04-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90670
    titleRHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:0677)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-0650.NASL
    descriptionFrom Red Hat Security Advisory 2016:0650 : An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag. (CVE-2016-3426) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen2020-06-01
    modified2020-06-02
    plugin id90613
    published2016-04-21
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90613
    titleOracle Linux 7 : java-1.8.0-openjdk (ELSA-2016-0650)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2016-1015.NASL
    descriptionAccording to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) - It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) - It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) - It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-31
    modified2017-05-01
    plugin id99778
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99778
    titleEulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2016-1015)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-0676.NASL
    descriptionAn update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen2020-06-01
    modified2020-06-02
    plugin id90669
    published2016-04-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90669
    titleRHEL 5 / 7 : java-1.7.0-openjdk (RHSA-2016:0676)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2016-688.NASL
    descriptionIt was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2016-0686) It was discovered that the Hotspot component of OpenJDK did not properly handle byte types. An untrusted Java application or applet could use this flaw to corrupt Java virtual machine memory and possibly execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2016-0687) It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695) It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component of OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the correct value of the authentication tag and bypass authentication protections of GCM. (CVE-2016-3426)
    last seen2020-06-01
    modified2020-06-02
    plugin id90630
    published2016-04-22
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/90630
    titleAmazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-688)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-0651.NASL
    descriptionAn update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag. (CVE-2016-3426) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen2020-06-01
    modified2020-06-02
    plugin id90616
    published2016-04-21
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90616
    titleRHEL 6 : java-1.8.0-openjdk (RHSA-2016:0651)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-0723.NASL
    descriptionAn update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix(es) : * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen2020-06-01
    modified2020-06-02
    plugin id91018
    published2016-05-11
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91018
    titleCentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2016:0723)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-573.NASL
    descriptionThis update for java-1_7_0-openjdk to version 2.6.6 fixes five security issues. These security issues were fixed : - CVE-2016-0686: Ensure thread consistency (bsc#976340). - CVE-2016-0687: Better byte behavior (bsc#976340). - CVE-2016-0695: Make DSA more fair (bsc#976340). - CVE-2016-3425: Better buffering of XML strings (bsc#976340). - CVE-2016-3427: Improve JMX connections (bsc#976340). This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2016-05-09
    plugin id90985
    published2016-05-09
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/90985
    titleopenSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-573)
  • NASL familyMisc.
    NASL idORACLE_JAVA_CPU_APR_2016_UNIX.NASL
    descriptionThe version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 91, 7 Update 101, or 6 Update 115. It is, therefore, affected by security vulnerabilities in the following subcomponents : - 2D - Deployment - Hotspot - JAXP - JCE - JMX - Security - Serialization
    last seen2020-06-01
    modified2020-06-02
    plugin id90626
    published2016-04-21
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90626
    titleOracle Java SE Multiple Vulnerabilities (April 2016 CPU) (Unix)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20160420_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) - It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) - It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) - It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag. (CVE-2016-3426) - It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen2020-03-18
    modified2016-04-21
    plugin id90617
    published2016-04-21
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/90617
    titleScientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20160420)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-0651.NASL
    description: An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es):
      * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687)
      * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)
      * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425)
      * It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag. (CVE-2016-3426)
      * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90635
    published: 2016-04-22
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/90635
    title: CentOS 6 : java-1.8.0-openjdk (CESA-2016:0651)
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-2972-1.NASL
    description: Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-0686, CVE-2016-0687, CVE-2016-3427) A vulnerability was discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit this to expose sensitive data over the network. (CVE-2016-0695) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2016-3425). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 91095
    published: 2016-05-12
    reporter: Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/91095
    title: Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2972-1)
  • NASL family: Amazon Linux Local Security Checks
    NASL id: ALA_ALAS-2016-693.NASL
    description: It was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2016-0686) It was discovered that the Hotspot component of OpenJDK did not properly handle byte types. An untrusted Java application or applet could use this flaw to corrupt Java virtual machine memory and possibly execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2016-0687) It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 90777
    published: 2016-04-29
    reporter: This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/90777
    title: Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-693)

Redhat

advisories
  • rhsa
    id: RHSA-2016:0650
  • rhsa
    id: RHSA-2016:0651
  • rhsa
    id: RHSA-2016:0675
  • rhsa
    id: RHSA-2016:0676
  • rhsa
    id: RHSA-2016:0677
  • rhsa
    id: RHSA-2016:0678
  • rhsa
    id: RHSA-2016:0679
  • rhsa
    id: RHSA-2016:0723
rpms
  • java-1.8.0-openjdk-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-accessibility-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-accessibility-debug-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-debug-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-debuginfo-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-demo-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-demo-debug-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-devel-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-devel-debug-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-headless-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-headless-debug-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-javadoc-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-javadoc-debug-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-src-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-src-debug-1:1.8.0.91-0.b14.el7_2
  • java-1.8.0-openjdk-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-debug-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-debuginfo-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-demo-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-demo-debug-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-devel-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-devel-debug-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-headless-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-headless-debug-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-javadoc-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-javadoc-debug-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-src-1:1.8.0.91-0.b14.el6_7
  • java-1.8.0-openjdk-src-debug-1:1.8.0.91-0.b14.el6_7
  • java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el6_7
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.101-2.6.6.1.el6_7
  • java-1.7.0-openjdk-demo-1:1.7.0.101-2.6.6.1.el6_7
  • java-1.7.0-openjdk-devel-1:1.7.0.101-2.6.6.1.el6_7
  • java-1.7.0-openjdk-javadoc-1:1.7.0.101-2.6.6.1.el6_7
  • java-1.7.0-openjdk-src-1:1.7.0.101-2.6.6.1.el6_7
  • java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el5_11
  • java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el7_2
  • java-1.7.0-openjdk-accessibility-1:1.7.0.101-2.6.6.1.el7_2
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.101-2.6.6.1.el5_11
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.101-2.6.6.1.el7_2
  • java-1.7.0-openjdk-demo-1:1.7.0.101-2.6.6.1.el5_11
  • java-1.7.0-openjdk-demo-1:1.7.0.101-2.6.6.1.el7_2
  • java-1.7.0-openjdk-devel-1:1.7.0.101-2.6.6.1.el5_11
  • java-1.7.0-openjdk-devel-1:1.7.0.101-2.6.6.1.el7_2
  • java-1.7.0-openjdk-headless-1:1.7.0.101-2.6.6.1.el7_2
  • java-1.7.0-openjdk-javadoc-1:1.7.0.101-2.6.6.1.el5_11
  • java-1.7.0-openjdk-javadoc-1:1.7.0.101-2.6.6.1.el7_2
  • java-1.7.0-openjdk-src-1:1.7.0.101-2.6.6.1.el5_11
  • java-1.7.0-openjdk-src-1:1.7.0.101-2.6.6.1.el7_2
  • java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el6_7
  • java-1.8.0-oracle-1:1.8.0.91-1jpp.1.el7
  • java-1.8.0-oracle-devel-1:1.8.0.91-1jpp.1.el6_7
  • java-1.8.0-oracle-devel-1:1.8.0.91-1jpp.1.el7
  • java-1.8.0-oracle-javafx-1:1.8.0.91-1jpp.1.el6_7
  • java-1.8.0-oracle-javafx-1:1.8.0.91-1jpp.1.el7
  • java-1.8.0-oracle-jdbc-1:1.8.0.91-1jpp.1.el6_7
  • java-1.8.0-oracle-jdbc-1:1.8.0.91-1jpp.1.el7
  • java-1.8.0-oracle-plugin-1:1.8.0.91-1jpp.1.el6_7
  • java-1.8.0-oracle-plugin-1:1.8.0.91-1jpp.1.el7
  • java-1.8.0-oracle-src-1:1.8.0.91-1jpp.1.el6_7
  • java-1.8.0-oracle-src-1:1.8.0.91-1jpp.1.el7
  • java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el5_11
  • java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el6_7
  • java-1.7.0-oracle-1:1.7.0.101-1jpp.1.el7
  • java-1.7.0-oracle-devel-1:1.7.0.101-1jpp.1.el5_11
  • java-1.7.0-oracle-devel-1:1.7.0.101-1jpp.1.el6_7
  • java-1.7.0-oracle-devel-1:1.7.0.101-1jpp.1.el7
  • java-1.7.0-oracle-javafx-1:1.7.0.101-1jpp.1.el5_11
  • java-1.7.0-oracle-javafx-1:1.7.0.101-1jpp.1.el6_7
  • java-1.7.0-oracle-javafx-1:1.7.0.101-1jpp.1.el7
  • java-1.7.0-oracle-jdbc-1:1.7.0.101-1jpp.1.el5_11
  • java-1.7.0-oracle-jdbc-1:1.7.0.101-1jpp.1.el6_7
  • java-1.7.0-oracle-jdbc-1:1.7.0.101-1jpp.1.el7
  • java-1.7.0-oracle-plugin-1:1.7.0.101-1jpp.1.el5_11
  • java-1.7.0-oracle-plugin-1:1.7.0.101-1jpp.1.el6_7
  • java-1.7.0-oracle-plugin-1:1.7.0.101-1jpp.1.el7
  • java-1.7.0-oracle-src-1:1.7.0.101-1jpp.1.el5_11
  • java-1.7.0-oracle-src-1:1.7.0.101-1jpp.1.el6_7
  • java-1.7.0-oracle-src-1:1.7.0.101-1jpp.1.el7
  • java-1.6.0-sun-1:1.6.0.115-1jpp.1.el5_11
  • java-1.6.0-sun-1:1.6.0.115-1jpp.1.el6_7
  • java-1.6.0-sun-1:1.6.0.115-1jpp.1.el7
  • java-1.6.0-sun-demo-1:1.6.0.115-1jpp.1.el5_11
  • java-1.6.0-sun-demo-1:1.6.0.115-1jpp.1.el6_7
  • java-1.6.0-sun-demo-1:1.6.0.115-1jpp.1.el7
  • java-1.6.0-sun-devel-1:1.6.0.115-1jpp.1.el5_11
  • java-1.6.0-sun-devel-1:1.6.0.115-1jpp.1.el6_7
  • java-1.6.0-sun-devel-1:1.6.0.115-1jpp.1.el7
  • java-1.6.0-sun-jdbc-1:1.6.0.115-1jpp.1.el5_11
  • java-1.6.0-sun-jdbc-1:1.6.0.115-1jpp.1.el6_7
  • java-1.6.0-sun-jdbc-1:1.6.0.115-1jpp.1.el7
  • java-1.6.0-sun-plugin-1:1.6.0.115-1jpp.1.el5_11
  • java-1.6.0-sun-plugin-1:1.6.0.115-1jpp.1.el6_7
  • java-1.6.0-sun-plugin-1:1.6.0.115-1jpp.1.el7
  • java-1.6.0-sun-src-1:1.6.0.115-1jpp.1.el5_11
  • java-1.6.0-sun-src-1:1.6.0.115-1jpp.1.el6_7
  • java-1.6.0-sun-src-1:1.6.0.115-1jpp.1.el7
  • java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el5_11
  • java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el6_7
  • java-1.6.0-openjdk-1:1.6.0.39-1.13.11.0.el7_2
  • java-1.6.0-openjdk-debuginfo-1:1.6.0.39-1.13.11.0.el5_11
  • java-1.6.0-openjdk-debuginfo-1:1.6.0.39-1.13.11.0.el6_7
  • java-1.6.0-openjdk-debuginfo-1:1.6.0.39-1.13.11.0.el7_2
  • java-1.6.0-openjdk-demo-1:1.6.0.39-1.13.11.0.el5_11
  • java-1.6.0-openjdk-demo-1:1.6.0.39-1.13.11.0.el6_7
  • java-1.6.0-openjdk-demo-1:1.6.0.39-1.13.11.0.el7_2
  • java-1.6.0-openjdk-devel-1:1.6.0.39-1.13.11.0.el5_11
  • java-1.6.0-openjdk-devel-1:1.6.0.39-1.13.11.0.el6_7
  • java-1.6.0-openjdk-devel-1:1.6.0.39-1.13.11.0.el7_2
  • java-1.6.0-openjdk-javadoc-1:1.6.0.39-1.13.11.0.el5_11
  • java-1.6.0-openjdk-javadoc-1:1.6.0.39-1.13.11.0.el6_7
  • java-1.6.0-openjdk-javadoc-1:1.6.0.39-1.13.11.0.el7_2
  • java-1.6.0-openjdk-src-1:1.6.0.39-1.13.11.0.el5_11
  • java-1.6.0-openjdk-src-1:1.6.0.39-1.13.11.0.el6_7
  • java-1.6.0-openjdk-src-1:1.6.0.39-1.13.11.0.el7_2