Vulnerabilities > CVE-2016-5582 - Improper Access Control vulnerability in Oracle JDK and JRE

CVSS 9.6 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

oracle

CWE-284

critical

nessus

NVD

Published: 2016-10-25

Updated: 2023-11-07

Summary

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5573.

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle JDK 1.8.0 Oracle JDK 1.7.0 Oracle JDK 1.6.0 Oracle JRE 1.6.0 Oracle JRE 1.7.0 Oracle JRE 1.8.0	8

Common Weakness Enumeration (CWE)

CWE-284 - Improper Access Control

Common Attack Pattern Enumeration and Classification (CAPEC)

Embedding Scripts within Scripts
An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute scripts. The attacker leverages this capability to execute scripts to execute his/her own script by embedding it within other scripts that the target software is likely to execute. The attacker must have the ability to inject script into script that is likely to be executed. If this is done, then the attacker can potentially launch a variety of probes and attacks against the web server's local environment, in many cases the so-called DMZ, back end resources the web server can communicate with, and other hosts. With the proliferation of intermediaries, such as Web App Firewalls, network devices, and even printers having JVMs and Web servers, there are many locales where an attacker can inject malicious scripts. Since this attack pattern defines scripts within scripts, there are likely privileges to execute said attack on the host. Of course, these attacks are not solely limited to the server side, client side scripts like Ajax and client side JavaScript can contain malicious scripts as well. In general all that is required is for there to be sufficient privileges to execute a script, but not protected against writing.
Signature Spoofing by Key Theft
An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Nessus

NASL family	Amazon Linux Local Security Checks
NASL id	ALA_ALAS-2017-795.NASL
description	It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	97025
published	2017-02-07
reporter	This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/97025
title	Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2017-795)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Amazon Linux AMI Security Advisory ALAS-2017-795. # include("compat.inc"); if (description) { script_id(97025); script_version("3.2"); script_cvs_date("Date: 2018/04/18 15:09:36"); script_cve_id("CVE-2016-5542", "CVE-2016-5554", "CVE-2016-5573", "CVE-2016-5582", "CVE-2016-5597"); script_xref(name:"ALAS", value:"2017-795"); script_name(english:"Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2017-795)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Amazon Linux AMI host is missing a security update." ); script_set_attribute( attribute:"description", value: "It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. (CVE-2016-5582) It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP requests to the JDWP port of the debugged application. (CVE-2016-5573) It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2016-5542) Note: After this update, MD2 hash algorithm and RSA keys with less than 1024 bits are no longer allowed to be used for Jar integrity verification by default. MD5 hash algorithm is expected to be disabled by default in the future updates. A newly introduced security property jdk.jar.disabledAlgorithms can be used to control the set of disabled algorithms. A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554) A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication. (CVE-2016-5597) Note: After this update, Basic HTTP proxy authentication can no longer be used when tunneling HTTPS connection through an HTTP proxy. Newly introduced system properties jdk.http.auth.proxying.disabledSchemes and jdk.http.auth.tunneling.disabledSchemes can be used to control which authentication schemes can be requested by an HTTP proxy when proxying HTTP and HTTPS connections respectively." ); script_set_attribute( attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2017-795.html" ); script_set_attribute( attribute:"solution", value:"Run 'yum update java-1.6.0-openjdk' to update your system." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-demo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-javadoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-src"); script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2017/02/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/02/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc."); script_family(english:"Amazon Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/AmazonLinux/release"); if (isnull(release) \|\| !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux"); os_ver = pregmatch(pattern: "^AL(A\|\d)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux"); os_ver = os_ver[1]; if (os_ver != "A") { if (os_ver == 'A') os_ver = 'AMI'; audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver); } if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-1.6.0.41-1.13.13.1.77.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.77.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.77.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.77.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.77.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.77.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.6.0-openjdk / java-1.6.0-openjdk-debuginfo / etc"); }

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-3121-1.NASL
description	It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An attacker could use this to bypass Java sandbox restrictions. (CVE-2016-5582) It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. (CVE-2016-5542) It was discovered that the JMX component of OpenJDK did not sufficiently perform classloader consistency checks. An attacker could use this to bypass Java sandbox restrictions. (CVE-2016-5554) It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could use this to send debugging commands to a Java application with debugging enabled. (CVE-2016-5573) It was discovered that OpenJDK did not properly handle HTTP proxy authentication. An attacker could use this to expose HTTPS server authentication credentials. (CVE-2016-5597). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	94510
published	2016-11-03
reporter	Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94510
title	Ubuntu 16.04 LTS / 16.10 : openjdk-8 vulnerabilities (USN-3121-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-3121-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(94510); script_version("2.7"); script_cvs_date("Date: 2019/09/18 12:31:46"); script_cve_id("CVE-2016-5542", "CVE-2016-5554", "CVE-2016-5573", "CVE-2016-5582", "CVE-2016-5597"); script_xref(name:"USN", value:"3121-1"); script_name(english:"Ubuntu 16.04 LTS / 16.10 : openjdk-8 vulnerabilities (USN-3121-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An attacker could use this to bypass Java sandbox restrictions. (CVE-2016-5582) It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. (CVE-2016-5542) It was discovered that the JMX component of OpenJDK did not sufficiently perform classloader consistency checks. An attacker could use this to bypass Java sandbox restrictions. (CVE-2016-5554) It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could use this to send debugging commands to a Java application with debugging enabled. (CVE-2016-5573) It was discovered that OpenJDK did not properly handle HTTP proxy authentication. An attacker could use this to expose HTTPS server authentication credentials. (CVE-2016-5597). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/3121-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jdk-headless"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre-headless"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre-jamvm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre-zero"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.10"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/25"); script_set_attribute(attribute:"patch_publication_date", value:"2016/11/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/03"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(16\.04\|16\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04 / 16.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"16.04", pkgname:"openjdk-8-jdk", pkgver:"8u111-b14-2ubuntu0.16.04.2")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"openjdk-8-jdk-headless", pkgver:"8u111-b14-2ubuntu0.16.04.2")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"openjdk-8-jre", pkgver:"8u111-b14-2ubuntu0.16.04.2")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"openjdk-8-jre-headless", pkgver:"8u111-b14-2ubuntu0.16.04.2")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"openjdk-8-jre-jamvm", pkgver:"8u111-b14-2ubuntu0.16.04.2")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"openjdk-8-jre-zero", pkgver:"8u111-b14-2ubuntu0.16.04.2")) flag++; if (ubuntu_check(osver:"16.10", pkgname:"openjdk-8-jdk", pkgver:"8u111-b14-2ubuntu0.16.10.2")) flag++; if (ubuntu_check(osver:"16.10", pkgname:"openjdk-8-jdk-headless", pkgver:"8u111-b14-2ubuntu0.16.10.2")) flag++; if (ubuntu_check(osver:"16.10", pkgname:"openjdk-8-jre", pkgver:"8u111-b14-2ubuntu0.16.10.2")) flag++; if (ubuntu_check(osver:"16.10", pkgname:"openjdk-8-jre-headless", pkgver:"8u111-b14-2ubuntu0.16.10.2")) flag++; if (ubuntu_check(osver:"16.10", pkgname:"openjdk-8-jre-jamvm", pkgver:"8u111-b14-2ubuntu0.16.10.2")) flag++; if (ubuntu_check(osver:"16.10", pkgname:"openjdk-8-jre-zero", pkgver:"8u111-b14-2ubuntu0.16.10.2")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openjdk-8-jdk / openjdk-8-jdk-headless / openjdk-8-jre / etc"); }

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DLA-704.NASL
description	Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in information disclosure, denial of service and arbitrary code execution. For Debian 7
last seen	2020-03-17
modified	2016-11-07
plugin id	94587
published	2016-11-07
reporter	This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/94587
title	Debian DLA-704-1 : openjdk-7 security update
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DLA-704-1. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(94587); script_version("2.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2016-5542", "CVE-2016-5554", "CVE-2016-5573", "CVE-2016-5582", "CVE-2016-5597"); script_name(english:"Debian DLA-704-1 : openjdk-7 security update"); script_summary(english:"Checks dpkg output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security update." ); script_set_attribute( attribute:"description", value: "Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in information disclosure, denial of service and arbitrary code execution. For Debian 7 'Wheezy', these problems have been fixed in version 7u111-2.6.7-2~deb7u1. We recommend that you upgrade your openjdk-7 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2016/11/msg00012.html" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/wheezy/openjdk-7" ); script_set_attribute(attribute:"solution", value:"Upgrade the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:icedtea-7-jre-cacao"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:icedtea-7-jre-jamvm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openjdk-7-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openjdk-7-demo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openjdk-7-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openjdk-7-jdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openjdk-7-jre"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openjdk-7-jre-headless"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openjdk-7-jre-lib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openjdk-7-jre-zero"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openjdk-7-source"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0"); script_set_attribute(attribute:"patch_publication_date", value:"2016/11/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"7.0", prefix:"icedtea-7-jre-cacao", reference:"7u111-2.6.7-2~deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"icedtea-7-jre-jamvm", reference:"7u111-2.6.7-2~deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"openjdk-7-dbg", reference:"7u111-2.6.7-2~deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"openjdk-7-demo", reference:"7u111-2.6.7-2~deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"openjdk-7-doc", reference:"7u111-2.6.7-2~deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"openjdk-7-jdk", reference:"7u111-2.6.7-2~deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"openjdk-7-jre", reference:"7u111-2.6.7-2~deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"openjdk-7-jre-headless", reference:"7u111-2.6.7-2~deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"openjdk-7-jre-lib", reference:"7u111-2.6.7-2~deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"openjdk-7-jre-zero", reference:"7u111-2.6.7-2~deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"openjdk-7-source", reference:"7u111-2.6.7-2~deb7u1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2016-1080.NASL
description	According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm.(CVE-2016-5542) - A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions.(CVE-2016-5554) - It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim
last seen	2020-05-06
modified	2017-05-01
plugin id	99840
published	2017-05-01
reporter	This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/99840
title	EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2016-1080)

NASL family	PhotonOS Local Security Checks
NASL id	PHOTONOS_PHSA-2016-0015.NASL
description	An update of [openjdk,openjre,postgresql] packages for PhotonOS has been released.
last seen	2019-02-21
modified	2019-02-07
plugin id	111849
published	2018-08-17
reporter	Tenable
source	https://www.tenable.com/plugins/index.php?view=single&id=111849
title	Photon OS 1.0: Openjdk / Openjre / Postgresql PHSA-2016-0015 (deprecated)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20170113_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL
description	Security Fix(es) : - It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-03-18
modified	2017-01-16
plugin id	96526
published	2017-01-16
reporter	This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/96526
title	Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20170113)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2016-2658.NASL
description	From Red Hat Security Advisory 2016:2658 : An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	94621
published	2016-11-08
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94621
title	Oracle Linux 5 / 6 / 7 : java-1.7.0-openjdk (ELSA-2016-2658)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2016-1357.NASL
description	This update for java-1_7_0-openjdk fixes the following issues : - Update to 2.6.8 - OpenJDK 7u121 - Security fixes + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks (boo#1005522) + S8157176: Improved classfile parsing + S8157739, CVE-2016-5554: Classloader Consistency Checking (boo#1005523) + S8157749: Improve handling of DNS error replies + S8157753: Audio replay enhancement + S8157759: LCMS Transform Sampling Enhancement + S8157764: Better handling of interpolation plugins + S8158302: Handle contextual glyph substitutions + S8158993, CVE-2016-5568: Service Menu services (boo#1005525) + S8159495: Fix index offsets + S8159503: Amend Annotation Actions + S8159511: Stack map validation + S8159515: Improve indy validation + S8159519, CVE-2016-5573: Reformat JDWP messages (boo#1005526) + S8160090: Better signature handling in pack200 + S8160094: Improve pack200 layout + S8160098: Clean up color profiles + S8160591, CVE-2016-5582: Improve internal array handling (boo#1005527) + S8160838, CVE-2016-5597: Better HTTP service (boo#1005528) + PR3207, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read() + CVE-2016-5556 (boo#1005524) - Import of OpenJDK 7 u121 build 0 + S6624200: Regression test fails: test/closed/javax/swing/JMenuItem/4654927/bug4654927.jav a + S6882559: new JEditorPane(
last seen	2020-06-05
modified	2016-11-25
plugin id	95311
published	2016-11-25
reporter	This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/95311
title	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1357)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2017-0061.NASL
description	An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix(es) : * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	96480
published	2017-01-13
reporter	This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/96480
title	RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2017:0061)

NASL family	Virtuozzo Local Security Checks
NASL id	VIRTUOZZO_VZLSA-2017-0061.NASL
description	An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix(es) : * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	101406
published	2017-07-13
reporter	This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/101406
title	Virtuozzo 7 : java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc (VZLSA-2017-0061)

NASL family	Amazon Linux Local Security Checks
NASL id	ALA_ALAS-2016-771.NASL
description	It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm. (CVE-2016-5542) A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554) A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication. (CVE-2016-5597) It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim
last seen	2020-06-01
modified	2020-06-02
plugin id	94977
published	2016-11-21
reporter	This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/94977
title	Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-771)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2016-2658.NASL
description	An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	94623
published	2016-11-08
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94623
title	RHEL 5 / 6 / 7 : java-1.7.0-openjdk (RHSA-2016:2658)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2016-2090.NASL
description	An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 5, Oracle Java for Red Hat Enterprise Linux 6, and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 131. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-5542, CVE-2016-5554, CVE-2016-5556, CVE-2016-5573, CVE-2016-5582, CVE-2016-5597)
last seen	2020-06-01
modified	2020-06-02
plugin id	94190
published	2016-10-21
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94190
title	RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2016:2090)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-3707.NASL
description	Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox or denial of service.
last seen	2020-06-01
modified	2020-06-02
plugin id	94613
published	2016-11-08
reporter	This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94613
title	Debian DSA-3707-1 : openjdk-7 - security update

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201701-43.NASL
description	The remote host is affected by the vulnerability described in GLSA-201701-43 (IcedTea: Multiple vulnerabilities) Various OpenJDK attack vectors in IcedTea, such as 2D, Corba, Hotspot, Libraries, and JAXP, exist which allows remote attackers to affect the confidentiality, integrity, and availability of vulnerable systems. Many of the vulnerabilities can only be exploited through sandboxed Java Web Start applications and java applets. Please review the CVE identifiers referenced below for details. Impact : Remote attackers may execute arbitrary code, compromise information, or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	96640
published	2017-01-20
reporter	This script is Copyright (C) 2017 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/96640
title	GLSA-201701-43 : IcedTea: Multiple vulnerabilities

NASL family	Amazon Linux Local Security Checks
NASL id	ALA_ALAS-2016-759.NASL
description	It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	94341
published	2016-10-28
reporter	This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/94341
title	Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-759)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2016-1389.NASL
description	- Update to 2.6.8 - OpenJDK 7u121 - Security fixes + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks (boo#1005522) + S8157176: Improved classfile parsing + S8157739, CVE-2016-5554: Classloader Consistency Checking (boo#1005523) + S8157749: Improve handling of DNS error replies + S8157753: Audio replay enhancement + S8157759: LCMS Transform Sampling Enhancement + S8157764: Better handling of interpolation plugins + S8158302: Handle contextual glyph substitutions + S8158993, CVE-2016-5568: Service Menu services (boo#1005525) + S8159495: Fix index offsets + S8159503: Amend Annotation Actions + S8159511: Stack map validation + S8159515: Improve indy validation + S8159519, CVE-2016-5573: Reformat JDWP messages (boo#1005526) + S8160090: Better signature handling in pack200 + S8160094: Improve pack200 layout + S8160098: Clean up color profiles + S8160591, CVE-2016-5582: Improve internal array handling (boo#1005527) + S8160838, CVE-2016-5597: Better HTTP service (boo#1005528) + PR3207, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read() + CVE-2016-5556 (boo#1005524) - Import of OpenJDK 7 u121 build 0 + S6624200: Regression test fails: test/closed/javax/swing/JMenuItem/4654927/bug4654927.jav a + S6882559: new JEditorPane(
last seen	2020-06-05
modified	2016-12-06
plugin id	95549
published	2016-12-06
reporter	This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/95549
title	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1389)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2016-2079.NASL
description	An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	94140
published	2016-10-20
reporter	This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94140
title	CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2016:2079)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20161019_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL
description	Security Fix(es) : - It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-03-18
modified	2016-10-20
plugin id	94151
published	2016-10-20
reporter	This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94151
title	Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (20161019)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2016-1380.NASL
description	OpenJDK Java was updated to jdk8u111 (icedtea 3.2.0) to fix the following issues : - Security fixes + S8146490: Direct indirect CRL checks + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks (bsc#1005522) + S8156794: Extend data sharing + S8157176: Improved classfile parsing + S8157739, CVE-2016-5554: Classloader Consistency Checking (bsc#1005523) + S8157749: Improve handling of DNS error replies + S8157753: Audio replay enhancement + S8157759: LCMS Transform Sampling Enhancement + S8157764: Better handling of interpolation plugins + S8158302: Handle contextual glyph substitutions + S8158993, CVE-2016-5568: Service Menu services (bsc#1005525) + S8159495: Fix index offsets + S8159503: Amend Annotation Actions + S8159511: Stack map validation + S8159515: Improve indy validation + S8159519, CVE-2016-5573: Reformat JDWP messages (bsc#1005526) + S8160090: Better signature handling in pack200 + S8160094: Improve pack200 layout + S8160098: Clean up color profiles + S8160591, CVE-2016-5582: Improve internal array handling (bsc#1005527) + S8160838, CVE-2016-5597: Better HTTP service (bsc#1005528) + PR3206, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read() + CVE-2016-5556 (bsc#1005524) - New features + PR1370: Provide option to build without debugging + PR1375: Provide option to strip and link debugging info after build + PR1537: Handle alternative Kerberos credential cache locations + PR1978: Allow use of system PCSC + PR2445: Support system libsctp + PR3182: Support building without pre-compiled headers + PR3183: Support Fedora/RHEL system crypto policy + PR3221: Use pkgconfig to detect Kerberos CFLAGS and libraries - Import of OpenJDK 8 u102 build 14 + S4515292: ReferenceType.isStatic() returns true for arrays + S4858370: JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command + S6976636: JVM/TI test ex03t001 fails assertion + S7185591: jcmd-big-script.sh ERROR: could not find app
last seen	2020-06-05
modified	2016-12-05
plugin id	95532
published	2016-12-05
reporter	This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/95532
title	openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-1380)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2016-1444.NASL
description	This update for java-1_7_0-openjdk fixes the following issues : - Update to 2.6.8 - OpenJDK 7u121 - Security fixes + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks (bsc#1005522) + S8157176: Improved classfile parsing + S8157739, CVE-2016-5554: Classloader Consistency Checking (bsc#1005523) + S8157749: Improve handling of DNS error replies + S8157753: Audio replay enhancement + S8157759: LCMS Transform Sampling Enhancement + S8157764: Better handling of interpolation plugins + S8158302: Handle contextual glyph substitutions + S8158993, CVE-2016-5568: Service Menu services (bsc#1005525) + S8159495: Fix index offsets + S8159503: Amend Annotation Actions + S8159511: Stack map validation + S8159515: Improve indy validation + S8159519, CVE-2016-5573: Reformat JDWP messages (bsc#1005526) + S8160090: Better signature handling in pack200 + S8160094: Improve pack200 layout + S8160098: Clean up color profiles + S8160591, CVE-2016-5582: Improve internal array handling (bsc#1005527) + S8160838, CVE-2016-5597: Better HTTP service (bsc#1005528) + PR3207, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read() + CVE-2016-5556 (bsc#1005524) - Import of OpenJDK 7 u121 build 0 + S6624200: Regression test fails: test/closed/javax/swing/JMenuItem/4654927/bug4654927.jav a + S6882559: new JEditorPane(
last seen	2020-06-05
modified	2016-12-13
plugin id	95750
published	2016-12-13
reporter	This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/95750
title	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1444)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2016-2088.NASL
description	An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 111. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-5542, CVE-2016-5554, CVE-2016-5556, CVE-2016-5573, CVE-2016-5582, CVE-2016-5597)
last seen	2020-06-01
modified	2020-06-02
plugin id	94188
published	2016-10-21
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94188
title	RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:2088)

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-3130-1.NASL
description	It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. (CVE-2016-5542) It was discovered that the JMX component of OpenJDK did not sufficiently perform classloader consistency checks. An attacker could use this to bypass Java sandbox restrictions. (CVE-2016-5554) It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could use this to send debugging commands to a Java application with debugging enabled. (CVE-2016-5573) It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An attacker could use this to bypass Java sandbox restrictions. (CVE-2016-5582) It was discovered that OpenJDK did not properly handle HTTP proxy authentication. An attacker could use this to expose HTTPS server authentication credentials. (CVE-2016-5597). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	94954
published	2016-11-18
reporter	Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94954
title	Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3130-1)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2017-0061.NASL
description	An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix(es) : * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	96457
published	2017-01-13
reporter	This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/96457
title	CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2017:0061)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2016-2079.NASL
description	From Red Hat Security Advisory 2016:2079 : An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	94149
published	2016-10-20
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94149
title	Oracle Linux 6 / 7 : java-1.8.0-openjdk (ELSA-2016-2079)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2016-1335.NASL
description	OpenJDK java-1_8_0-openjdk was updated to jdk8u111 (icedtea 3.2.0) to fix the following issues : - Security fixes + S8146490: Direct indirect CRL checks + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks (boo#1005522) + S8156794: Extend data sharing + S8157176: Improved classfile parsing + S8157739, CVE-2016-5554: Classloader Consistency Checking (boo#1005523) + S8157749: Improve handling of DNS error replies + S8157753: Audio replay enhancement + S8157759: LCMS Transform Sampling Enhancement + S8157764: Better handling of interpolation plugins + S8158302: Handle contextual glyph substitutions + S8158993, CVE-2016-5568: Service Menu services (boo#1005525) + S8159495: Fix index offsets + S8159503: Amend Annotation Actions + S8159511: Stack map validation + S8159515: Improve indy validation + S8159519, CVE-2016-5573: Reformat JDWP messages (boo#1005526) + S8160090: Better signature handling in pack200 + S8160094: Improve pack200 layout + S8160098: Clean up color profiles + S8160591, CVE-2016-5582: Improve internal array handling (boo#1005527) + S8160838, CVE-2016-5597: Better HTTP service (boo#1005528) + PR3206, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read() + CVE-2016-5556 (boo#1005524) - New features + PR1370: Provide option to build without debugging + PR1375: Provide option to strip and link debugging info after build + PR1537: Handle alternative Kerberos credential cache locations + PR1978: Allow use of system PCSC + PR2445: Support system libsctp + PR3182: Support building without pre-compiled headers + PR3183: Support Fedora/RHEL system crypto policy + PR3221: Use pkgconfig to detect Kerberos CFLAGS and libraries - Import of OpenJDK 8 u102 build 14 + S4515292: ReferenceType.isStatic() returns true for arrays + S4858370: JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command + S6976636: JVM/TI test ex03t001 fails assertion + S7185591: jcmd-big-script.sh ERROR: could not find app
last seen	2020-06-05
modified	2016-11-21
plugin id	95023
published	2016-11-21
reporter	This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/95023
title	openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-1335)

NASL family	Windows
NASL id	ORACLE_JAVA_CPU_OCT_2016.NASL
description	The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 111, 7 Update 121, or 6 Update 131. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Libraries subcomponent that allows an unauthenticated, remote attacker to impact integrity. (CVE-2016-5542) - An unspecified flaw exists in the JMX subcomponent that allows an unauthenticated, remote attacker to impact integrity. (CVE-2016-5554) - An unspecified flaw exists in the 2D subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5556) - An unspecified flaw exists in the AWT subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5568) - Multiple unspecified flaws exist in the Hotspot subcomponent that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5573, CVE-2016-5582) - An unspecified flaw exists in the Networking subcomponent that allows an unauthenticated, remote attacker to disclose sensitive information. (CVE-2016-5597)
last seen	2020-06-01
modified	2020-06-02
plugin id	94138
published	2016-10-19
reporter	This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/94138
title	Oracle Java SE Multiple Vulnerabilities (October 2016 CPU)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2016-2658.NASL
description	An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	94740
published	2016-11-14
reporter	This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94740
title	CentOS 5 / 6 / 7 : java-1.7.0-openjdk (CESA-2016:2658)

NASL family	PhotonOS Local Security Checks
NASL id	PHOTONOS_PHSA-2016-0015_OPENJDK.NASL
description	An update of the openjdk package has been released.
last seen	2020-03-17
modified	2019-02-07
plugin id	121660
published	2019-02-07
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/121660
title	Photon OS 1.0: Openjdk PHSA-2016-0015

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20161107_JAVA_1_7_0_OPENJDK_ON_SL5_X.NASL
description	Security Fix(es) : - It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-03-18
modified	2016-11-08
plugin id	94627
published	2016-11-08
reporter	This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94627
title	Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x, SL6.x i386/x86_64 (20161107)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2016-2079.NASL
description	An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	94150
published	2016-10-20
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94150
title	RHEL 6 / 7 : java-1.8.0-openjdk (RHSA-2016:2079)

NASL family	Misc.
NASL id	ORACLE_JAVA_CPU_OCT_2016_UNIX.NASL
description	The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 111, 7 Update 121, or 6 Update 131. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Libraries subcomponent that allows an unauthenticated, remote attacker to impact integrity. (CVE-2016-5542) - An unspecified flaw exists in the JMX subcomponent that allows an unauthenticated, remote attacker to impact integrity. (CVE-2016-5554) - An unspecified flaw exists in the 2D subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5556) - An unspecified flaw exists in the AWT subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5568) - Multiple unspecified flaws exist in the Hotspot subcomponent that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-5573, CVE-2016-5582) - An unspecified flaw exists in the Networking subcomponent that allows an unauthenticated, remote attacker to disclose sensitive information. (CVE-2016-5597)
last seen	2020-06-01
modified	2020-06-02
plugin id	94139
published	2016-10-19
reporter	This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/94139
title	Oracle Java SE Multiple Vulnerabilities (October 2016 CPU) (Unix)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2016-2089.NASL
description	An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 5, Oracle Java for Red Hat Enterprise Linux 6, and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 121. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-5542, CVE-2016-5554, CVE-2016-5556, CVE-2016-5573, CVE-2016-5582, CVE-2016-5597)
last seen	2020-06-01
modified	2020-06-02
plugin id	94189
published	2016-10-21
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/94189
title	RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:2089)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2017-0061.NASL
description	From Red Hat Security Advisory 2017:0061 : An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Security Fix(es) : * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine
last seen	2020-06-01
modified	2020-06-02
plugin id	96476
published	2017-01-13
reporter	This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/96476
title	Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2017-0061)

NASL family	PhotonOS Local Security Checks
NASL id	PHOTONOS_PHSA-2016-0015_OPENJRE.NASL
description	An update of the openjre package has been released.
last seen	2020-03-17
modified	2019-02-07
plugin id	121661
published	2019-02-07
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/121661
title	Photon OS 1.0: Openjre PHSA-2016-0015

NASL family	NewStart CGSL Local Security Checks
NASL id	NEWSTART_CGSL_NS-SA-2019-0111_JAVA-1.8.0-OPENJDK.NASL
description	The remote NewStart CGSL host, running version MAIN 4.05, has java-1.8.0-openjdk packages installed that are affected by multiple vulnerabilities: - It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory. (CVE-2017-3526) - An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges. (CVE-2017-3511) - It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re- use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user. (CVE-2017-3509) - A newline injection flaw was discovered in the SMTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate SMTP connections established by a Java application. (CVE-2017-3544) - It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2017-3539) - A newline injection flaw was discovered in the FTP client implementation in the Networking component in OpenJDK. A remote attacker could possibly use this flaw to manipulate FTP connections established by a Java application. (CVE-2017-3533) - It was discovered that the Libraries component of OpenJDK accepted ECDSA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools. (CVE-2016-5546) - It was discovered that the Libraries component of OpenJDK did not validate the length of the object identifier read from the DER input before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory. (CVE-2016-5547) - A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2016-5548) - It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL. (CVE-2016-5552) - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts). (CVE-2017-3231, CVE-2017-3261) - It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-3241) - It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN. (CVE-2017-3252) - It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory. (CVE-2017-3253) - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). (CVE-2017-3272) - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). (CVE-2017-3289) - It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm. (CVE-2016-5542) - A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554) - It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim
last seen	2020-06-01
modified	2020-06-02
plugin id	127348
published	2019-08-12
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127348
title	NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0111)

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201611-04.NASL
description	The remote host is affected by the vulnerability described in GLSA-201611-04 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities exist in both Oracle’s JRE and JDK. Please review the referenced CVE’s for additional information. Impact : Remote attackers could gain access to information, remotely execute arbitrary code, or cause Denial of Service. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	94595
published	2016-11-07
reporter	This script is Copyright (C) 2016 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/94595
title	GLSA-201611-04 : Oracle JRE/JDK: Multiple vulnerabilities

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2016-2953-1.NASL
description	This update for java-1_7_0-openjdk fixes the following issues : - Update to 2.6.8 - OpenJDK 7u121 - Security fixes + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks (bsc#1005522) + S8157176: Improved classfile parsing + S8157739, CVE-2016-5554: Classloader Consistency Checking (bsc#1005523) + S8157749: Improve handling of DNS error replies + S8157753: Audio replay enhancement + S8157759: LCMS Transform Sampling Enhancement + S8157764: Better handling of interpolation plugins + S8158302: Handle contextual glyph substitutions + S8158993, CVE-2016-5568: Service Menu services (bsc#1005525) + S8159495: Fix index offsets + S8159503: Amend Annotation Actions + S8159511: Stack map validation + S8159515: Improve indy validation + S8159519, CVE-2016-5573: Reformat JDWP messages (bsc#1005526) + S8160090: Better signature handling in pack200 + S8160094: Improve pack200 layout + S8160098: Clean up color profiles + S8160591, CVE-2016-5582: Improve internal array handling (bsc#1005527) + S8160838, CVE-2016-5597: Better HTTP service (bsc#1005528) + PR3207, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read() + CVE-2016-5556 (bsc#1005524) - Import of OpenJDK 7 u121 build 0 + S6624200: Regression test fails: test/closed/javax/swing/JMenuItem/4654927/bug4654927.jav a + S6882559: new JEditorPane(
last seen	2020-06-01
modified	2020-06-02
plugin id	95423
published	2016-12-01
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/95423
title	SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:2953-1)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2016-2887-1.NASL
description	OpenJDK Java was updated to jdk8u111 (icedtea 3.2.0) to fix the following issues : - Security fixes + S8146490: Direct indirect CRL checks + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks (bsc#1005522) + S8156794: Extend data sharing + S8157176: Improved classfile parsing + S8157739, CVE-2016-5554: Classloader Consistency Checking (bsc#1005523) + S8157749: Improve handling of DNS error replies + S8157753: Audio replay enhancement + S8157759: LCMS Transform Sampling Enhancement + S8157764: Better handling of interpolation plugins + S8158302: Handle contextual glyph substitutions + S8158993, CVE-2016-5568: Service Menu services (bsc#1005525) + S8159495: Fix index offsets + S8159503: Amend Annotation Actions + S8159511: Stack map validation + S8159515: Improve indy validation + S8159519, CVE-2016-5573: Reformat JDWP messages (bsc#1005526) + S8160090: Better signature handling in pack200 + S8160094: Improve pack200 layout + S8160098: Clean up color profiles + S8160591, CVE-2016-5582: Improve internal array handling (bsc#1005527) + S8160838, CVE-2016-5597: Better HTTP service (bsc#1005528) + PR3206, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read() + CVE-2016-5556 (bsc#1005524) - New features + PR1370: Provide option to build without debugging + PR1375: Provide option to strip and link debugging info after build + PR1537: Handle alternative Kerberos credential cache locations + PR1978: Allow use of system PCSC + PR2445: Support system libsctp + PR3182: Support building without pre-compiled headers + PR3183: Support Fedora/RHEL system crypto policy + PR3221: Use pkgconfig to detect Kerberos CFLAGS and libraries - Import of OpenJDK 8 u102 build 14 + S4515292: ReferenceType.isStatic() returns true for arrays + S4858370: JDWP: Memory Leak: GlobalRefs never deleted when processing invokeMethod command + S6976636: JVM/TI test ex03t001 fails assertion + S7185591: jcmd-big-script.sh ERROR: could not find app
last seen	2020-06-01
modified	2020-06-02
plugin id	95294
published	2016-11-23
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/95294
title	SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:2887-1)

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-3154-1.NASL
description	It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. (CVE-2016-5542) It was discovered that the JMX component of OpenJDK did not sufficiently perform classloader consistency checks. An attacker could use this to bypass Java sandbox restrictions. (CVE-2016-5554) It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could use this to send debugging commands to a Java application with debugging enabled. (CVE-2016-5573) It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An attacker could use this to bypass Java sandbox restrictions. (CVE-2016-5582) It was discovered that OpenJDK did not properly handle HTTP proxy authentication. An attacker could use this to expose HTTPS server authentication credentials. (CVE-2016-5597). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	95629
published	2016-12-08
reporter	Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/95629
title	Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-3154-1)

Redhat

advisories

rhsa
id RHSA-2016:2079
rhsa
id RHSA-2016:2088
rhsa
id RHSA-2016:2089
rhsa
id RHSA-2016:2090
rhsa
id RHSA-2016:2658
rhsa
id RHSA-2017:0061

rpms

java-1.8.0-openjdk-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-accessibility-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-accessibility-debug-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-debug-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-debug-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-debuginfo-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-debuginfo-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-demo-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-demo-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-demo-debug-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-demo-debug-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-devel-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-devel-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-devel-debug-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-devel-debug-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-headless-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-headless-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-headless-debug-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-headless-debug-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-javadoc-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-javadoc-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-javadoc-debug-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-javadoc-debug-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-src-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-src-1:1.8.0.111-1.b15.el7_2
java-1.8.0-openjdk-src-debug-1:1.8.0.111-0.b15.el6_8
java-1.8.0-openjdk-src-debug-1:1.8.0.111-1.b15.el7_2
java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el6_8
java-1.8.0-oracle-1:1.8.0.111-1jpp.4.el7
java-1.8.0-oracle-devel-1:1.8.0.111-1jpp.4.el6_8
java-1.8.0-oracle-devel-1:1.8.0.111-1jpp.4.el7
java-1.8.0-oracle-javafx-1:1.8.0.111-1jpp.4.el6_8
java-1.8.0-oracle-javafx-1:1.8.0.111-1jpp.4.el7
java-1.8.0-oracle-jdbc-1:1.8.0.111-1jpp.4.el6_8
java-1.8.0-oracle-jdbc-1:1.8.0.111-1jpp.4.el7
java-1.8.0-oracle-plugin-1:1.8.0.111-1jpp.4.el6_8
java-1.8.0-oracle-plugin-1:1.8.0.111-1jpp.4.el7
java-1.8.0-oracle-src-1:1.8.0.111-1jpp.4.el6_8
java-1.8.0-oracle-src-1:1.8.0.111-1jpp.4.el7
java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el5_11
java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el6_8
java-1.7.0-oracle-1:1.7.0.121-1jpp.1.el7
java-1.7.0-oracle-devel-1:1.7.0.121-1jpp.1.el5_11
java-1.7.0-oracle-devel-1:1.7.0.121-1jpp.1.el6_8
java-1.7.0-oracle-devel-1:1.7.0.121-1jpp.1.el7
java-1.7.0-oracle-javafx-1:1.7.0.121-1jpp.1.el5_11
java-1.7.0-oracle-javafx-1:1.7.0.121-1jpp.1.el6_8
java-1.7.0-oracle-javafx-1:1.7.0.121-1jpp.1.el7
java-1.7.0-oracle-jdbc-1:1.7.0.121-1jpp.1.el5_11
java-1.7.0-oracle-jdbc-1:1.7.0.121-1jpp.1.el6_8
java-1.7.0-oracle-jdbc-1:1.7.0.121-1jpp.1.el7
java-1.7.0-oracle-plugin-1:1.7.0.121-1jpp.1.el5_11
java-1.7.0-oracle-plugin-1:1.7.0.121-1jpp.1.el6_8
java-1.7.0-oracle-plugin-1:1.7.0.121-1jpp.1.el7
java-1.7.0-oracle-src-1:1.7.0.121-1jpp.1.el5_11
java-1.7.0-oracle-src-1:1.7.0.121-1jpp.1.el6_8
java-1.7.0-oracle-src-1:1.7.0.121-1jpp.1.el7
java-1.6.0-sun-1:1.6.0.131-1jpp.1.el5_11
java-1.6.0-sun-1:1.6.0.131-1jpp.1.el6_8
java-1.6.0-sun-1:1.6.0.131-1jpp.1.el7
java-1.6.0-sun-demo-1:1.6.0.131-1jpp.1.el5_11
java-1.6.0-sun-demo-1:1.6.0.131-1jpp.1.el6_8
java-1.6.0-sun-demo-1:1.6.0.131-1jpp.1.el7
java-1.6.0-sun-devel-1:1.6.0.131-1jpp.1.el5_11
java-1.6.0-sun-devel-1:1.6.0.131-1jpp.1.el6_8
java-1.6.0-sun-devel-1:1.6.0.131-1jpp.1.el7
java-1.6.0-sun-jdbc-1:1.6.0.131-1jpp.1.el5_11
java-1.6.0-sun-jdbc-1:1.6.0.131-1jpp.1.el6_8
java-1.6.0-sun-jdbc-1:1.6.0.131-1jpp.1.el7
java-1.6.0-sun-plugin-1:1.6.0.131-1jpp.1.el5_11
java-1.6.0-sun-plugin-1:1.6.0.131-1jpp.1.el6_8
java-1.6.0-sun-plugin-1:1.6.0.131-1jpp.1.el7
java-1.6.0-sun-src-1:1.6.0.131-1jpp.1.el5_11
java-1.6.0-sun-src-1:1.6.0.131-1jpp.1.el6_8
java-1.6.0-sun-src-1:1.6.0.131-1jpp.1.el7
java-1.7.0-openjdk-1:1.7.0.121-2.6.8.0.el7_3
java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el5_11
java-1.7.0-openjdk-1:1.7.0.121-2.6.8.1.el6_8
java-1.7.0-openjdk-accessibility-1:1.7.0.121-2.6.8.0.el7_3
java-1.7.0-openjdk-debuginfo-1:1.7.0.121-2.6.8.0.el7_3
java-1.7.0-openjdk-debuginfo-1:1.7.0.121-2.6.8.1.el5_11
java-1.7.0-openjdk-debuginfo-1:1.7.0.121-2.6.8.1.el6_8
java-1.7.0-openjdk-demo-1:1.7.0.121-2.6.8.0.el7_3
java-1.7.0-openjdk-demo-1:1.7.0.121-2.6.8.1.el5_11
java-1.7.0-openjdk-demo-1:1.7.0.121-2.6.8.1.el6_8
java-1.7.0-openjdk-devel-1:1.7.0.121-2.6.8.0.el7_3
java-1.7.0-openjdk-devel-1:1.7.0.121-2.6.8.1.el5_11
java-1.7.0-openjdk-devel-1:1.7.0.121-2.6.8.1.el6_8
java-1.7.0-openjdk-headless-1:1.7.0.121-2.6.8.0.el7_3
java-1.7.0-openjdk-javadoc-1:1.7.0.121-2.6.8.0.el7_3
java-1.7.0-openjdk-javadoc-1:1.7.0.121-2.6.8.1.el5_11
java-1.7.0-openjdk-javadoc-1:1.7.0.121-2.6.8.1.el6_8
java-1.7.0-openjdk-src-1:1.7.0.121-2.6.8.0.el7_3
java-1.7.0-openjdk-src-1:1.7.0.121-2.6.8.1.el5_11
java-1.7.0-openjdk-src-1:1.7.0.121-2.6.8.1.el6_8
java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el5_11
java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el6_8
java-1.6.0-openjdk-1:1.6.0.41-1.13.13.1.el7_3
java-1.6.0-openjdk-debuginfo-1:1.6.0.41-1.13.13.1.el5_11
java-1.6.0-openjdk-debuginfo-1:1.6.0.41-1.13.13.1.el6_8
java-1.6.0-openjdk-debuginfo-1:1.6.0.41-1.13.13.1.el7_3
java-1.6.0-openjdk-demo-1:1.6.0.41-1.13.13.1.el5_11
java-1.6.0-openjdk-demo-1:1.6.0.41-1.13.13.1.el6_8
java-1.6.0-openjdk-demo-1:1.6.0.41-1.13.13.1.el7_3
java-1.6.0-openjdk-devel-1:1.6.0.41-1.13.13.1.el5_11
java-1.6.0-openjdk-devel-1:1.6.0.41-1.13.13.1.el6_8
java-1.6.0-openjdk-devel-1:1.6.0.41-1.13.13.1.el7_3
java-1.6.0-openjdk-javadoc-1:1.6.0.41-1.13.13.1.el5_11
java-1.6.0-openjdk-javadoc-1:1.6.0.41-1.13.13.1.el6_8
java-1.6.0-openjdk-javadoc-1:1.6.0.41-1.13.13.1.el7_3
java-1.6.0-openjdk-src-1:1.6.0.41-1.13.13.1.el5_11
java-1.6.0-openjdk-src-1:1.6.0.41-1.13.13.1.el6_8
java-1.6.0-openjdk-src-1:1.6.0.41-1.13.13.1.el7_3

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

Redhat

References