Arch Linux ASA-201510-18
Oct 23, 2015 - 12:00 a.m.

jdk8-openjdk: multiple issues

2015-10-23 00:00:00
Arch Linux
lists.archlinux.org

CVSS2: 10 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 0.083 Low (percentile 93.7%)

  • CVE-2015-4734 (information disclosure)

It was discovered that the JGSS component of OpenJDK did not properly
hide Kerberos realm information from all error exceptions when running
under Security Manager. An untrusted Java application or applet could
use this flaw to obtain certain information about the Kerberos
configuration on the host where they were executed, bypassing certain
Java sandbox restrictions.

  • CVE-2015-4803 (denial of service)

It was discovered that the JAXP component of OpenJDK did not use
efficient data structures to store data from parsed XML documents. A
specially-crafted XML input could cause a Java application using JAXP to
use an excessive amount of CPU time by e.g. triggering hash collisions.

  • CVE-2015-4805 (arbitrary code execution)

It was discovered that the ObjectStreamClass in the Serialization
component of OpenJDK failed to ensure that the object is fully
initialized before allowing calls of certain methods. An untrusted Java
application or applet could use this flaw to bypass Java sandbox
restrictions to execute code.

  • CVE-2015-4806 (improper input validation)

A vulnerability has been discovered leading to HttpURLConnection header
restriction bypass, allowing remote attackers to affect confidentiality
and integrity via unknown vectors related to Libraries.

  • CVE-2015-4810 (arbitrary code execution)

An unspecified vulnerability has been discovered that allows local users
to affect confidentiality, integrity, and availability via unknown
vectors related to Deployment.

  • CVE-2015-4835 (arbitrary code execution)

It was discovered that the StubGenerator class in the CORBA component of
OpenJDK failed to generate code with all needed permission checks
related to object (de-)serialization. An untrusted Java application or
applet could use this flaw to bypass Java sandbox restrictions and
execute arbitrary code.

  • CVE-2015-4840 (information disclosure)

It was discovered that the 2D component of OpenJDK could perform out of
bounds access and possibly disclose portions of the Java Virtual Machine
memory when processing specially crafted color profiles. The issue was
caused by the bundled lcms2 code using a fast floor() implementation. An
untrusted Java application or applet could use this flaw to bypass
certain Java sandbox restrictions.

  • CVE-2015-4842 (information disclosure)

An information disclosure flaw was found in the JAXP component of
OpenJDK. An untrusted Java application or applet could use this flaw to
get information about user home directory location (the content of the
"user.dir" system property), hence bypassing certain Java sandbox
restrictions.

  • CVE-2015-4843 (arbitrary code execution)

Multiple integer overflow issues were found in the implementation of
Buffers in the java.nio (Non-blocking I/O) packages in the Libraries
component of OpenJDK. These could lead to out of bounds buffer access
and Java Virtual Machine memory corruption. An untrusted Java
application or applet could use these flaws to run arbitrary code with
the Java Virtual Machine privileges or bypass Java sandbox restrictions.

  • CVE-2015-4844 (arbitrary code execution)

It was discovered that ICU Layout Engine was missing multiple boundary
and error return checks. These could lead to buffer overflows and memory
corruption. A specially crafted font file could cause an application
using ICU to parse untrusted fonts to crash and, possibly, execute
arbitrary code.

  • CVE-2015-4860 (sandbox bypass)

It was discovered that the DGCImpl (for RMI distributed
garbage-collection - DGC) class in the RMI component of OpenJDK failed
to use restricted access control context when processing untrusted
input. An untrusted Java application or applet could use this flaw to
bypass Java sandbox restrictions.

  • CVE-2015-4868 (security policy bypass)

A flaw was found in the way the Libraries component of OpenJDK handled
certificate revocation lists (CRL). In certain cases, CRL checking code
could fail to report that a certificate was revoked, causing the
application to accept it as trusted.

  • CVE-2015-4872 (security policy bypass)

It was discovered that the AlgorithmChecker class in the Security
component of OpenJDK failed to properly check if a certificate satisfies
all defined constraints in certain cases. This could cause a Java
application to accept an X.509 certificate which does not meet
requirements of the policy defined in the java.security file.

  • CVE-2015-4881 (sandbox bypass)

It was discovered that the IIOPInputStream class in the CORBA component
of OpenJDK failed to properly check object and field types during object
deserialization. An untrusted Java application or applet could use this
flaw to bypass Java sandbox restrictions.

  • CVE-2015-4882 (denial of service)

A flaw was found in the way the IIOPInputStream class in the CORBA
component of OpenJDK performed deserialization of String objects. An
untrusted Java application or applet could use this flaw to crash the
Java Virtual Machine.

  • CVE-2015-4883 (sandbox bypass)

It was discovered that the DGCClient (for RMI distributed
garbage-collection - DGC) class in the RMI component of OpenJDK failed
to use restricted access control context when handling JRMP (Java Remote
Method Protocol) messages. An untrusted Java application or applet could
use this flaw to bypass Java sandbox restrictions.

  • CVE-2015-4893 (denial of service)

It was discovered that the JAXP component of OpenJDK did not enforce the
maximum XML name limit (jdk.xml.MaxXMLNameLimit) when parsing XML files.
A specially crafted XML document could cause a Java application using
JAXP to consume an excessive amount of memory and CPU time when parsed.

  • CVE-2015-4901 (unknown)

An unspecified vulnerability allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors related
to JavaFX.

  • CVE-2015-4902 (unknown)

An unspecified vulnerability has been discovered that allows remote
attackers to affect integrity via unknown vectors related to Deployment.

  • CVE-2015-4903 (sandbox bypass)

It was discovered that the RemoteObjectInvocationHandler class in the
RMI component of OpenJDK did not check if object proxy is an instance of
a proxy class and that it uses correct invocation handler. An untrusted
Java application or applet could use this flaw to bypass certain Java
sandbox restrictions by gaining access to data that should be protected
by the sandbox.

  • CVE-2015-4906 (unknown)

An unspecified vulnerability allows remote attackers to affect
confidentiality via unknown vectors related to JavaFX.

  • CVE-2015-4908 (unknown)

An unspecified vulnerability allows remote attackers to affect
confidentiality via unknown vectors.

  • CVE-2015-4911 (denial of service)

It was discovered that the StAX XML parser in the JAXP component of
OpenJDK could do certain DTD processing even when DTD support was
disabled via the javax.xml.stream.supportDTD system property. A
specially crafted XML document could cause a Java application using JAXP
to consume an excessive amount of memory and CPU time when parsed.

  • CVE-2015-4916 (unknown)

An unspecified vulnerability allows remote attackers to affect
confidentiality via unknown vectors.

OS   Version  Architecture  Package       Version    Filename
any  any      any           jdk8-openjdk  < 8.u65-1  UNKNOWN
