SOL50118123 - Java vulnerabilities CVE-2016-0466 and CVE-2016-0483
2016-04-05T00:00:00
ID SOL50118123 Type f5 Reporter f5 Modified 2016-10-07T00:00:00
Description
Vulnerability Recommended Actions
If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.
Supplemental Information
SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
SOL4602: Overview of the F5 security vulnerability response policy
SOL4918: Overview of the F5 critical issue hotfix policy
{"f5": [{"lastseen": "2017-09-06T21:06:04", "bulletinFamily": "software", "cvelist": ["CVE-2016-0483", "CVE-2016-0466"], "edition": 1, "description": "\nF5 Product Development has assigned ID 574157 (BIG-IP), ID 574655 (BIG-IQ), ID 574658 (Enterprise Manager), and INSTALLER-2248 (Traffix SDC) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H582057 on the **Diagnostics** > **Identified** > **Low** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.1.0 - 10.2.4 | 12.1.1 | Low | Configuration utility \nBIG-IP AAM | 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 | 12.1.1 | Low | Configuration utility \nBIG-IP AFM | 12.0.0 -12.1.0 \n11.4.0 - 11.6.1 | 12.1.1 | Low | Configuration utility \nBIG-IP Analytics | 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 | 12.1.1 | Low | Configuration utility \nBIG-IP APM | 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.1.0 - 10.2.4 | 12.1.1 | Low | Configuration utility \nBIG-IP ASM | 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.1.0 - 10.2.4 | 12.1.1 | Low | Configuration utility \nBIG-IP DNS | 12.0.0 - 12.1.0 | 12.1.1 | Low | Configuration utility \nBIG-IP Edge Gateway | 11.2.1 \n10.1.0 - 10.2.4 | None | Low | Configuration utility \nBIG-IP GTM | 11.4.0 - 11.6.1 \n11.2.1 \n10.1.0 - 10.2.4 | None | Low | Configuration utility \nBIG-IP Link Controller | 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.1.0 - 10.2.4 | 12.1.1 | Low | Configuration utility \nBIG-IP PEM | 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 | 12.1.1 | Low | Configuration utility \nBIG-IP PSM | 11.4.0 - 11.4.1 \n10.1.0 - 10.2.4 | None | Low | Configuration utility \nBIG-IP WebAccelerator | 11.2.1 \n10.1.0 - 10.2.4 | None | Low | Configuration utility \nBIG-IP WOM | 11.2.1 \n10.1.0 - 10.2.4 | None | Low | Configuration utility \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | 3.1.1 | None | Low | Configuration utility \nFirePass | None | 7.0.0 | Not vulnerable | None \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None | Low | Configuration utility \nBIG-IQ Device | 4.2.0 - 4.5.0 | None | Low | Configuration utility \nBIG-IQ Security | 4.0.0 - 4.5.0 | None | Low | Configuration utility \nBIG-IQ ADC | 4.5.0 | None | Low | Configuration utility \nBIG-IQ Centralized Management | 4.6.0 | None | Low | Configuration utility \nBIG-IQ Cloud and Orchestration | 1.0.0 | None | Low | Configuration utility \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nF5 WebSafe | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1 | None | Low | Java\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2017-09-06T17:04:00", "published": "2016-04-05T23:20:00", "id": "F5:K50118123", "href": "https://support.f5.com/csp/article/K50118123", "title": "Java vulnerabilities CVE-2016-0466 and CVE-2016-0483", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2020-10-03T12:10:38", "description": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.\nPer Oracle: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.", "edition": 4, "cvss3": {}, "published": "2016-01-21T03:00:00", "title": "CVE-2016-0483", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0483"], "modified": "2020-09-08T12:30:00", "cpe": ["cpe:/a:oracle:jre:1.6.0", "cpe:/a:oracle:jrockit:r28.3.8", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:oracle:jdk:1.6.0", "cpe:/a:oracle:jre:1.8.0", "cpe:/a:oracle:jdk:1.7.0", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/a:oracle:jre:1.7.0", "cpe:/a:oracle:jdk:1.8.0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2016-0483", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0483", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:oracle:jrockit:r28.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.7.0:update_91:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.6.0:update_105:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.6.0:update_105:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.8.0:update_66:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:a:oracle:jre:1.7.0:update_91:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-10-03T12:10:38", "description": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.\nPer Oracle: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.", "edition": 4, "cvss3": {}, "published": "2016-01-21T03:00:00", "title": "CVE-2016-0466", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0466"], "modified": "2020-09-08T12:30:00", "cpe": ["cpe:/a:oracle:jre:1.6.0", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:oracle:jdk:1.6.0", "cpe:/a:oracle:jre:1.8.0", "cpe:/a:oracle:jdk:1.7.0", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/a:oracle:jre:1.7.0", "cpe:/a:oracle:jdk:1.8.0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2016-0466", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0466", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.7.0:update_91:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.6.0:update_105:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.6.0:update_105:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.8.0:update_66:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:a:oracle:jre:1.7.0:update_91:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}], "nessus": [{"lastseen": "2020-09-22T05:50:56", "description": "CVE-2016-0466 Unspecified vulnerability in the Java SE, Java SE\nEmbedded, and JRockit components in Oracle Java SE 6u105, 7u91, and\n8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote\nattackers to affect availability via vectors related to JAXP.\n\nCVE-2016-0483 Unspecified vulnerability in the Java SE, Java SE\nEmbedded, and JRockit components in Oracle Java SE 6u105, 7u91, and\n8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote\nattackers to affect confidentiality, integrity, and availability via\nvectors related to AWT.", "edition": 18, "published": "2016-10-10T00:00:00", "title": "F5 Networks BIG-IP : Java vulnerabilities (K50118123)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0466"], "modified": "2016-10-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "id": "F5_BIGIP_SOL50118123.NASL", "href": "https://www.tenable.com/plugins/nessus/93916", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K50118123.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93916);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/21\");\n\n script_cve_id(\"CVE-2016-0466\", \"CVE-2016-0483\");\n\n script_name(english:\"F5 Networks BIG-IP : Java vulnerabilities (K50118123)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"CVE-2016-0466 Unspecified vulnerability in the Java SE, Java SE\nEmbedded, and JRockit components in Oracle Java SE 6u105, 7u91, and\n8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote\nattackers to affect availability via vectors related to JAXP.\n\nCVE-2016-0483 Unspecified vulnerability in the Java SE, Java SE\nEmbedded, and JRockit components in Oracle Java SE 6u105, 7u91, and\n8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote\nattackers to affect confidentiality, integrity, and availability via\nvectors related to AWT.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K50118123\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K50118123.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K50118123\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.1.1\",\"11.6.2\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.1.1\",\"11.6.2\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\",\"11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.1.1\",\"11.6.2\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\",\"11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.1.1\",\"11.6.2\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.1.1\",\"11.6.2\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.4.0-11.6.1\",\"11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\",\"11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.1.1\",\"11.6.2\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\",\"11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.1.1\",\"11.6.2\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\",\"11.2.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.1.1\",\"11.6.2\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T04:34:50", "description": "The version of Oracle JRockit installed on the remote Windows host is\nR28 prior to R28.3.9. It is, therefore, affected by multiple\nvulnerabilities :\n\n - An unspecified flaw exists in the Security subcomponent\n due to a failure to reject MD5 signatures in the server\n signature within the TLS 1.2 ServerKeyExchange messages.\n A man-in-the-middle attacker, by triggering collisions,\n can exploit this issue to spoof servers. (CVE-2015-7575)\n\n - A memory corruption issue exists in the AWT subcomponent\n when decoding JPEG files. A remote attacker can exploit\n this to execute arbitrary code. (CVE-2016-0483)\n\n - A collision-based forgery vulnerability, known as SLOTH\n (Security Losses from Obsolete and Truncated Transcript\n Hashes), exists in the TLS protocol due to accepting\n RSA-MD5 signatures in the server signature within the\n TLS 1.2 ServerKeyExchange messages during a TLS\n handshake. A man-in-the-middle attacker can exploit\n this, via a transcript collision attack, to impersonate\n a TLS server. (CVE-2015-7575) (CVE-2016-0475)\n\n - A denial of service vulnerability exists in the JAXP\n subcomponent during the handling of expanded general\n entities. A remote attacker can exploit this to bypass\n the 'totalEntitySizeLimit' restrictions and exhaust\n available memory. (CVE-2016-0466)", "edition": 25, "published": "2016-01-21T00:00:00", "title": "Oracle JRockit R28 < R28.3.9 Multiple Vulnerabilities (January 2016 CPU) (SLOTH)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0475"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:oracle:jrockit"], "id": "ORACLE_JROCKIT_CPU_JAN_2016.NASL", "href": "https://www.tenable.com/plugins/nessus/88041", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88041);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/15 20:50:28\");\n\n script_cve_id(\n \"CVE-2015-7575\",\n \"CVE-2016-0483\",\n \"CVE-2016-0475\",\n \"CVE-2016-0466\"\n );\n script_bugtraq_id(79684);\n\n script_name(english:\"Oracle JRockit R28 < R28.3.9 Multiple Vulnerabilities (January 2016 CPU) (SLOTH)\");\n script_summary(english:\"Checks the version of jvm.dll.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A programming platform installed on the remote Windows host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle JRockit installed on the remote Windows host is\nR28 prior to R28.3.9. It is, therefore, affected by multiple\nvulnerabilities :\n\n - An unspecified flaw exists in the Security subcomponent\n due to a failure to reject MD5 signatures in the server\n signature within the TLS 1.2 ServerKeyExchange messages.\n A man-in-the-middle attacker, by triggering collisions,\n can exploit this issue to spoof servers. (CVE-2015-7575)\n\n - A memory corruption issue exists in the AWT subcomponent\n when decoding JPEG files. A remote attacker can exploit\n this to execute arbitrary code. (CVE-2016-0483)\n\n - A collision-based forgery vulnerability, known as SLOTH\n (Security Losses from Obsolete and Truncated Transcript\n Hashes), exists in the TLS protocol due to accepting\n RSA-MD5 signatures in the server signature within the\n TLS 1.2 ServerKeyExchange messages during a TLS\n handshake. A man-in-the-middle attacker can exploit\n this, via a transcript collision attack, to impersonate\n a TLS server. (CVE-2015-7575) (CVE-2016-0475)\n\n - A denial of service vulnerability exists in the JAXP\n subcomponent during the handling of expanded general\n entities. A remote attacker can exploit this to bypass\n the 'totalEntitySizeLimit' restrictions and exhaust\n available memory. (CVE-2016-0466)\");\n # http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d13bbe45\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.mitls.org/pages/attacks/SLOTH\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.mitls.org/downloads/transcript-collisions.pdf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle JRockit version R28.3.9 or later as referenced in\nthe January 2016 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jrockit\");\n\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"oracle_jrockit_installed.nasl\");\n script_require_keys(\"installed_sw/Oracle JRockit\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp = \"Oracle JRockit\";\ninstall = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);\nver = install['version'];\ntype = install['type'];\npath = install['path'];\n\nif (ver =~ \"^28(\\.3)?$\") audit(AUDIT_VER_NOT_GRANULAR, app, ver);\nif (ver !~ \"^28\\.3($|[^0-9])\") audit(AUDIT_NOT_INST, app + \" 28.3.x\");\n\n# Affected :\n# 28.3.8.x\nif (ver =~ \"^28\\.3\\.8($|[^0-9])\")\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n # The DLL we're looking at is a level deeper in the JDK, since it\n # keeps a subset of the JRE in a subdirectory.\n if (type == \"JDK\") path += \"\\jre\";\n path += \"\\bin\\jrockit\\jvm.dll\";\n\n report =\n '\\n Type : ' + type +\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : 28.3.9' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app, ver, path);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:29:22", "description": "Multiple vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure, data integrity, and availability. An attacker\ncould exploit these to cause a denial of service, expose sensitive\ndata over the network, or possibly execute arbitrary code.\n(CVE-2016-0483, CVE-2016-0494)\n\nA vulnerability was discovered in the OpenJDK JRE related to data\nintegrity. An attacker could exploit this to expose sensitive data\nover the network or possibly execute arbitrary code. (CVE-2016-0402)\n\nA vulnerability was discovered in the OpenJDK JRE related to\ninformation disclosure. An attacker could exploit this to expose\nsensitive data over the network. (CVE-2016-0448)\n\nA vulnerability was discovered in the OpenJDK JRE related to\navailability. An attacker could exploit this to cause a denial of\nservice. (CVE-2016-0466).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "published": "2016-02-02T00:00:00", "title": "Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2885-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "modified": "2016-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:icedtea-6-jre-cacao", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-zero", "p-cpe:/a:canonical:ubuntu_linux:icedtea-6-jre-jamvm", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-lib", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-headless", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2885-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88517", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2885-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88517);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_xref(name:\"USN\", value:\"2885-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2885-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure, data integrity, and availability. An attacker\ncould exploit these to cause a denial of service, expose sensitive\ndata over the network, or possibly execute arbitrary code.\n(CVE-2016-0483, CVE-2016-0494)\n\nA vulnerability was discovered in the OpenJDK JRE related to data\nintegrity. An attacker could exploit this to expose sensitive data\nover the network or possibly execute arbitrary code. (CVE-2016-0402)\n\nA vulnerability was discovered in the OpenJDK JRE related to\ninformation disclosure. An attacker could exploit this to expose\nsensitive data over the network. (CVE-2016-0448)\n\nA vulnerability was discovered in the OpenJDK JRE related to\navailability. An attacker could exploit this to cause a denial of\nservice. (CVE-2016-0466).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2885-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:icedtea-6-jre-cacao\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:icedtea-6-jre-jamvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-zero\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"icedtea-6-jre-cacao\", pkgver:\"6b38-1.13.10-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"icedtea-6-jre-jamvm\", pkgver:\"6b38-1.13.10-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"openjdk-6-jre\", pkgver:\"6b38-1.13.10-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"openjdk-6-jre-headless\", pkgver:\"6b38-1.13.10-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"openjdk-6-jre-lib\", pkgver:\"6b38-1.13.10-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"openjdk-6-jre-zero\", pkgver:\"6b38-1.13.10-0ubuntu0.12.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icedtea-6-jre-cacao / icedtea-6-jre-jamvm / openjdk-6-jre / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:49:08", "description": "An out-of-bounds write flaw was found in the JPEG image format decoder\nin the AWT component in OpenJDK. A specially crafted JPEG image could\ncause a Java application to crash or, possibly execute arbitrary code.\nAn untrusted Java application or applet could use this flaw to bypass\nJava sandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the\n2D component in OpenJDK. A specially crafted font file could possibly\ncause the Java Virtual Machine to execute arbitrary code, allowing an\nuntrusted Java application or applet to bypass Java sandbox\nrestrictions. (CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a\nJava application process a specially crafted XML file could use this\nflaw to make the application consume an excessive amount of memory.\n(CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2016-0402,\nCVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in\nthe certification path processing. The use of MD5 can be re-enabled by\nremoving MD5 from the jdk.certpath.disabledAlgorithms security\nproperty defined in the java.security file.\n\nAll running instances of OpenJDK Java must be restarted for the update\nto take effect.", "edition": 14, "published": "2016-01-27T00:00:00", "title": "Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20160126)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "modified": "2016-01-27T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk", "p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk-demo", "p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk-src", "p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk-javadoc", "p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk-devel", "p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20160126_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/88407", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88407);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\", \"CVE-2016-0494\");\n\n script_name(english:\"Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20160126)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An out-of-bounds write flaw was found in the JPEG image format decoder\nin the AWT component in OpenJDK. A specially crafted JPEG image could\ncause a Java application to crash or, possibly execute arbitrary code.\nAn untrusted Java application or applet could use this flaw to bypass\nJava sandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the\n2D component in OpenJDK. A specially crafted font file could possibly\ncause the Java Virtual Machine to execute arbitrary code, allowing an\nuntrusted Java application or applet to bypass Java sandbox\nrestrictions. (CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a\nJava application process a specially crafted XML file could use this\nflaw to make the application consume an excessive amount of memory.\n(CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2016-0402,\nCVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in\nthe certification path processing. The use of MD5 can be re-enabled by\nremoving MD5 from the jdk.certpath.disabledAlgorithms security\nproperty defined in the java.security file.\n\nAll running instances of OpenJDK Java must be restarted for the update\nto take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1601&L=scientific-linux-errata&F=&S=&P=11744\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca74feb3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-debuginfo / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:30:30", "description": "Updated java-1.6.0-openjdk packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder\nin the AWT component in OpenJDK. A specially crafted JPEG image could\ncause a Java application to crash or, possibly execute arbitrary code.\nAn untrusted Java application or applet could use this flaw to bypass\nJava sandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the\n2D component in OpenJDK. A specially crafted font file could possibly\ncause the Java Virtual Machine to execute arbitrary code, allowing an\nuntrusted Java application or applet to bypass Java sandbox\nrestrictions. (CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a\nJava application process a specially crafted XML file could use this\nflaw to make the application consume an excessive amount of memory.\n(CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2016-0402,\nCVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in\nthe certification path processing. The use of MD5 can be re-enabled by\nremoving MD5 from the jdk.certpath.disabledAlgorithms security\nproperty defined in the java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.", "edition": 28, "published": "2016-01-27T00:00:00", "title": "CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2016:0067)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "modified": "2016-01-27T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:java-1.6.0-openjdk", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-src", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-javadoc", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-demo", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2016-0067.NASL", "href": "https://www.tenable.com/plugins/nessus/88386", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0067 and \n# CentOS Errata and Security Advisory 2016:0067 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88386);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_xref(name:\"RHSA\", value:\"2016:0067\");\n\n script_name(english:\"CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2016:0067)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.6.0-openjdk packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder\nin the AWT component in OpenJDK. A specially crafted JPEG image could\ncause a Java application to crash or, possibly execute arbitrary code.\nAn untrusted Java application or applet could use this flaw to bypass\nJava sandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the\n2D component in OpenJDK. A specially crafted font file could possibly\ncause the Java Virtual Machine to execute arbitrary code, allowing an\nuntrusted Java application or applet to bypass Java sandbox\nrestrictions. (CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a\nJava application process a specially crafted XML file could use this\nflaw to make the application consume an excessive amount of memory.\n(CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2016-0402,\nCVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in\nthe certification path processing. The use of MD5 can be re-enabled by\nremoving MD5 from the jdk.certpath.disabledAlgorithms security\nproperty defined in the java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-January/021626.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?baa312c1\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-January/021627.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f74f44d2\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-January/021628.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ddeed7a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1.6.0-openjdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-0483\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x / 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:19:15", "description": "An out-of-bounds write flaw was found in the JPEG image format decoder\nin the AWT component in OpenJDK. A specially crafted JPEG image could\ncause a Java application to crash or, possibly execute arbitrary code.\nAn untrusted Java application or applet could use this flaw to bypass\nJava sandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the\n2D component in OpenJDK. A specially crafted font file could possibly\ncause the Java Virtual Machine to execute arbitrary code, allowing an\nuntrusted Java application or applet to bypass Java sandbox\nrestrictions. (CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a\nJava application process a specially crafted XML file could use this\nflaw to make the application consume an excessive amount of memory.\n(CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2016-0402 ,\nCVE-2016-0448)", "edition": 23, "published": "2016-03-04T00:00:00", "title": "Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2016-654)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:java-1.6.0-openjdk-src", "p-cpe:/a:amazon:linux:java-1.6.0-openjdk-devel", "p-cpe:/a:amazon:linux:java-1.6.0-openjdk", "p-cpe:/a:amazon:linux:java-1.6.0-openjdk-demo", "p-cpe:/a:amazon:linux:java-1.6.0-openjdk-javadoc", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:java-1.6.0-openjdk-debuginfo"], "id": "ALA_ALAS-2016-654.NASL", "href": "https://www.tenable.com/plugins/nessus/89119", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-654.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89119);\n script_version(\"2.2\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_xref(name:\"ALAS\", value:\"2016-654\");\n script_xref(name:\"RHSA\", value:\"2016:0067\");\n\n script_name(english:\"Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2016-654)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An out-of-bounds write flaw was found in the JPEG image format decoder\nin the AWT component in OpenJDK. A specially crafted JPEG image could\ncause a Java application to crash or, possibly execute arbitrary code.\nAn untrusted Java application or applet could use this flaw to bypass\nJava sandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the\n2D component in OpenJDK. A specially crafted font file could possibly\ncause the Java Virtual Machine to execute arbitrary code, allowing an\nuntrusted Java application or applet to bypass Java sandbox\nrestrictions. (CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a\nJava application process a specially crafted XML file could use this\nflaw to make the application consume an excessive amount of memory.\n(CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2016-0402 ,\nCVE-2016-0448)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-654.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update java-1.6.0-openjdk' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.73.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-debuginfo / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:06:07", "description": "Updated java-1.6.0-openjdk packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder\nin the AWT component in OpenJDK. A specially crafted JPEG image could\ncause a Java application to crash or, possibly execute arbitrary code.\nAn untrusted Java application or applet could use this flaw to bypass\nJava sandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the\n2D component in OpenJDK. A specially crafted font file could possibly\ncause the Java Virtual Machine to execute arbitrary code, allowing an\nuntrusted Java application or applet to bypass Java sandbox\nrestrictions. (CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a\nJava application process a specially crafted XML file could use this\nflaw to make the application consume an excessive amount of memory.\n(CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2016-0402,\nCVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in\nthe certification path processing. The use of MD5 can be re-enabled by\nremoving MD5 from the jdk.certpath.disabledAlgorithms security\nproperty defined in the java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.", "edition": 29, "published": "2016-01-27T00:00:00", "title": "RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2016:0067)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-devel", "cpe:/o:redhat:enterprise_linux:6.7", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-src", "cpe:/o:redhat:enterprise_linux:7.4", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-demo", "cpe:/o:redhat:enterprise_linux:7.7", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.2", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-javadoc", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-debuginfo"], "id": "REDHAT-RHSA-2016-0067.NASL", "href": "https://www.tenable.com/plugins/nessus/88404", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0067. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88404);\n script_version(\"2.15\");\n script_cvs_date(\"Date: 2019/10/24 15:35:41\");\n\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_xref(name:\"RHSA\", value:\"2016:0067\");\n\n script_name(english:\"RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2016:0067)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.6.0-openjdk packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder\nin the AWT component in OpenJDK. A specially crafted JPEG image could\ncause a Java application to crash or, possibly execute arbitrary code.\nAn untrusted Java application or applet could use this flaw to bypass\nJava sandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the\n2D component in OpenJDK. A specially crafted font file could possibly\ncause the Java Virtual Machine to execute arbitrary code, allowing an\nuntrusted Java application or applet to bypass Java sandbox\nrestrictions. (CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a\nJava application process a specially crafted XML file could use this\nflaw to make the application consume an excessive amount of memory.\n(CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2016-0402,\nCVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in\nthe certification path processing. The use of MD5 can be re-enabled by\nremoving MD5 from the jdk.certpath.disabledAlgorithms security\nproperty defined in the java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:0067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-0448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-0483\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-0494\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-0402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-0466\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:0067\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el5_11\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:50:32", "description": "From Red Hat Security Advisory 2016:0067 :\n\nUpdated java-1.6.0-openjdk packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder\nin the AWT component in OpenJDK. A specially crafted JPEG image could\ncause a Java application to crash or, possibly execute arbitrary code.\nAn untrusted Java application or applet could use this flaw to bypass\nJava sandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the\n2D component in OpenJDK. A specially crafted font file could possibly\ncause the Java Virtual Machine to execute arbitrary code, allowing an\nuntrusted Java application or applet to bypass Java sandbox\nrestrictions. (CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a\nJava application process a specially crafted XML file could use this\nflaw to make the application consume an excessive amount of memory.\n(CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2016-0402,\nCVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in\nthe certification path processing. The use of MD5 can be re-enabled by\nremoving MD5 from the jdk.certpath.disabledAlgorithms security\nproperty defined in the java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.", "edition": 25, "published": "2016-01-27T00:00:00", "title": "Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2016-0067)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "modified": "2016-01-27T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-devel", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-src", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-demo", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-javadoc", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2016-0067.NASL", "href": "https://www.tenable.com/plugins/nessus/88403", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2016:0067 and \n# Oracle Linux Security Advisory ELSA-2016-0067 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88403);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_xref(name:\"RHSA\", value:\"2016:0067\");\n\n script_name(english:\"Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2016-0067)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2016:0067 :\n\nUpdated java-1.6.0-openjdk packages that fix multiple security issues\nare now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder\nin the AWT component in OpenJDK. A specially crafted JPEG image could\ncause a Java application to crash or, possibly execute arbitrary code.\nAn untrusted Java application or applet could use this flaw to bypass\nJava sandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the\n2D component in OpenJDK. A specially crafted font file could possibly\ncause the Java Virtual Machine to execute arbitrary code, allowing an\nuntrusted Java application or applet to bypass Java sandbox\nrestrictions. (CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a\nJava application process a specially crafted XML file could use this\nflaw to make the application consume an excessive amount of memory.\n(CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2016-0402,\nCVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in\nthe certification path processing. The use of MD5 can be re-enabled by\nremoving MD5 from the jdk.certpath.disabledAlgorithms security\nproperty defined in the java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-January/005719.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-January/005720.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2016-January/005721.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1.6.0-openjdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.0.1.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.0.1.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.0.1.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.0.1.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.0.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el6_7\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el7_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T09:49:23", "description": "Several vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in breakouts of\nthe Java sandbox, information disclosur, denial of service and\ninsecure cryptography.", "edition": 24, "cvss3": {"score": 5.9, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-01-28T00:00:00", "title": "Debian DSA-3458-1 : openjdk-7 - security update (SLOTH)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "modified": "2016-01-28T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openjdk-7", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3458.NASL", "href": "https://www.tenable.com/plugins/nessus/88427", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3458. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88427);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7575\", \"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_xref(name:\"DSA\", value:\"3458\");\n\n script_name(english:\"Debian DSA-3458-1 : openjdk-7 - security update (SLOTH)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in breakouts of\nthe Java sandbox, information disclosur, denial of service and\ninsecure cryptography.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/openjdk-7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/openjdk-7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3458\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openjdk-7 packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 7u95-2.6.4-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 7u95-2.6.4-1~deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openjdk-7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/27\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"icedtea-7-jre-cacao\", reference:\"7u95-2.6.4-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedtea-7-jre-jamvm\", reference:\"7u95-2.6.4-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openjdk-7-dbg\", reference:\"7u95-2.6.4-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openjdk-7-demo\", reference:\"7u95-2.6.4-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openjdk-7-doc\", reference:\"7u95-2.6.4-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openjdk-7-jdk\", reference:\"7u95-2.6.4-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openjdk-7-jre\", reference:\"7u95-2.6.4-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openjdk-7-jre-headless\", reference:\"7u95-2.6.4-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openjdk-7-jre-lib\", reference:\"7u95-2.6.4-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openjdk-7-jre-zero\", reference:\"7u95-2.6.4-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openjdk-7-source\", reference:\"7u95-2.6.4-1~deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedtea-7-jre-jamvm\", reference:\"7u95-2.6.4-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openjdk-7-dbg\", reference:\"7u95-2.6.4-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openjdk-7-demo\", reference:\"7u95-2.6.4-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openjdk-7-doc\", reference:\"7u95-2.6.4-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openjdk-7-jdk\", reference:\"7u95-2.6.4-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openjdk-7-jre\", reference:\"7u95-2.6.4-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openjdk-7-jre-headless\", reference:\"7u95-2.6.4-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openjdk-7-jre-lib\", reference:\"7u95-2.6.4-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openjdk-7-jre-zero\", reference:\"7u95-2.6.4-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openjdk-7-source\", reference:\"7u95-2.6.4-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:29:22", "description": "Multiple vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure, data integrity, and availability. An attacker\ncould exploit these to cause a denial of service, expose sensitive\ndata over the network, or possibly execute arbitrary code.\n(CVE-2016-0483, CVE-2016-0494)\n\nA vulnerability was discovered in the OpenJDK JRE related to data\nintegrity. An attacker could exploit this to expose sensitive data\nover the network or possibly execute arbitrary code. (CVE-2016-0402)\n\nIt was discovered that OpenJDK 7 incorrectly allowed MD5 to be used\nfor TLS connections. If a remote attacker were able to perform a\nman-in-the-middle attack, this flaw could be exploited to expose\nsensitive information. (CVE-2015-7575)\n\nA vulnerability was discovered in the OpenJDK JRE related to\ninformation disclosure. An attacker could exploit this to expose\nsensitive data over the network. (CVE-2016-0448)\n\nA vulnerability was discovered in the OpenJDK JRE related to\navailability. An attacker could exploit this to cause a denial of\nservice. (CVE-2016-0466).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "cvss3": {"score": 5.9, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2016-02-02T00:00:00", "title": "Ubuntu 14.04 LTS / 15.04 / 15.10 : openjdk-7 vulnerabilities (USN-2884-1) (SLOTH)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "modified": "2016-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre-zero", "p-cpe:/a:canonical:ubuntu_linux:icedtea-7-jre-jamvm", "cpe:/o:canonical:ubuntu_linux:15.04", "p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre-headless", "p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre", "cpe:/o:canonical:ubuntu_linux:15.10", "p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre-lib", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2884-1.NASL", "href": "https://www.tenable.com/plugins/nessus/88516", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2884-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88516);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7575\", \"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_xref(name:\"USN\", value:\"2884-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 15.04 / 15.10 : openjdk-7 vulnerabilities (USN-2884-1) (SLOTH)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure, data integrity, and availability. An attacker\ncould exploit these to cause a denial of service, expose sensitive\ndata over the network, or possibly execute arbitrary code.\n(CVE-2016-0483, CVE-2016-0494)\n\nA vulnerability was discovered in the OpenJDK JRE related to data\nintegrity. An attacker could exploit this to expose sensitive data\nover the network or possibly execute arbitrary code. (CVE-2016-0402)\n\nIt was discovered that OpenJDK 7 incorrectly allowed MD5 to be used\nfor TLS connections. If a remote attacker were able to perform a\nman-in-the-middle attack, this flaw could be exploited to expose\nsensitive information. (CVE-2015-7575)\n\nA vulnerability was discovered in the OpenJDK JRE related to\ninformation disclosure. An attacker could exploit this to expose\nsensitive data over the network. (CVE-2016-0448)\n\nA vulnerability was discovered in the OpenJDK JRE related to\navailability. An attacker could exploit this to cause a denial of\nservice. (CVE-2016-0466).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2884-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:icedtea-7-jre-jamvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre-zero\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/02\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|15\\.04|15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 15.04 / 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"icedtea-7-jre-jamvm\", pkgver:\"7u95-2.6.4-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"openjdk-7-jre\", pkgver:\"7u95-2.6.4-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"openjdk-7-jre-headless\", pkgver:\"7u95-2.6.4-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"openjdk-7-jre-lib\", pkgver:\"7u95-2.6.4-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"openjdk-7-jre-zero\", pkgver:\"7u95-2.6.4-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"icedtea-7-jre-jamvm\", pkgver:\"7u95-2.6.4-0ubuntu0.15.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"openjdk-7-jre\", pkgver:\"7u95-2.6.4-0ubuntu0.15.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"openjdk-7-jre-headless\", pkgver:\"7u95-2.6.4-0ubuntu0.15.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"openjdk-7-jre-lib\", pkgver:\"7u95-2.6.4-0ubuntu0.15.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"openjdk-7-jre-zero\", pkgver:\"7u95-2.6.4-0ubuntu0.15.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"icedtea-7-jre-jamvm\", pkgver:\"7u95-2.6.4-0ubuntu0.15.10.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"openjdk-7-jre\", pkgver:\"7u95-2.6.4-0ubuntu0.15.10.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"openjdk-7-jre-headless\", pkgver:\"7u95-2.6.4-0ubuntu0.15.10.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"openjdk-7-jre-lib\", pkgver:\"7u95-2.6.4-0ubuntu0.15.10.1\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"openjdk-7-jre-zero\", pkgver:\"7u95-2.6.4-0ubuntu0.15.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icedtea-7-jre-jamvm / openjdk-7-jre / openjdk-7-jre-headless / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:26:25", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "**CentOS Errata and Security Advisory** CESA-2016:0067\n\n\nThe java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/033664.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/033665.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/033666.html\n\n**Affected packages:**\njava-1.6.0-openjdk\njava-1.6.0-openjdk-demo\njava-1.6.0-openjdk-devel\njava-1.6.0-openjdk-javadoc\njava-1.6.0-openjdk-src\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0067.html", "edition": 3, "modified": "2016-01-26T14:24:06", "published": "2016-01-26T13:28:19", "href": "http://lists.centos.org/pipermail/centos-announce/2016-January/033664.html", "id": "CESA-2016:0067", "title": "java security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:27:46", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402", "CVE-2016-0475"], "description": "**CentOS Errata and Security Advisory** CESA-2016:0049\n\n\nThe java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime\nEnvironment and the OpenJDK 8 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the password-based encryption (PBE) implementation\nin the Libraries component in OpenJDK used an incorrect key length. This\ncould, in certain cases, lead to generation of keys that were weaker than\nexpected. (CVE-2016-0475)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for\nsigning ServerKeyExchange and Client Authentication packets during a TLS\nhandshake. A man-in-the-middle attacker able to force a TLS connection to\nuse the MD5 hash function could use this flaw to conduct collision attacks\nto impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website.\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.8.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/033658.html\n\n**Affected packages:**\njava-1.8.0-openjdk\njava-1.8.0-openjdk-accessibility\njava-1.8.0-openjdk-accessibility-debug\njava-1.8.0-openjdk-debug\njava-1.8.0-openjdk-demo\njava-1.8.0-openjdk-demo-debug\njava-1.8.0-openjdk-devel\njava-1.8.0-openjdk-devel-debug\njava-1.8.0-openjdk-headless\njava-1.8.0-openjdk-headless-debug\njava-1.8.0-openjdk-javadoc\njava-1.8.0-openjdk-javadoc-debug\njava-1.8.0-openjdk-src\njava-1.8.0-openjdk-src-debug\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0049.html", "edition": 3, "modified": "2016-01-21T17:19:22", "published": "2016-01-21T17:19:22", "href": "http://lists.centos.org/pipermail/centos-announce/2016-January/033658.html", "id": "CESA-2016:0049", "title": "java security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:27:55", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402", "CVE-2016-0475"], "description": "**CentOS Errata and Security Advisory** CESA-2016:0050\n\n\nThe java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime\nEnvironment and the OpenJDK 8 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the password-based encryption (PBE) implementation\nin the Libraries component in OpenJDK used an incorrect key length. This\ncould, in certain cases, lead to generation of keys that were weaker than\nexpected. (CVE-2016-0475)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for\nsigning ServerKeyExchange and Client Authentication packets during a TLS\nhandshake. A man-in-the-middle attacker able to force a TLS connection to\nuse the MD5 hash function could use this flaw to conduct collision attacks\nto impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.8.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/033660.html\n\n**Affected packages:**\njava-1.8.0-openjdk\njava-1.8.0-openjdk-debug\njava-1.8.0-openjdk-demo\njava-1.8.0-openjdk-demo-debug\njava-1.8.0-openjdk-devel\njava-1.8.0-openjdk-devel-debug\njava-1.8.0-openjdk-headless\njava-1.8.0-openjdk-headless-debug\njava-1.8.0-openjdk-javadoc\njava-1.8.0-openjdk-javadoc-debug\njava-1.8.0-openjdk-src\njava-1.8.0-openjdk-src-debug\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0050.html", "edition": 3, "modified": "2016-01-21T19:37:41", "published": "2016-01-21T19:37:41", "href": "http://lists.centos.org/pipermail/centos-announce/2016-January/033660.html", "id": "CESA-2016:0050", "title": "java security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:25:08", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-4871", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "**CentOS Errata and Security Advisory** CESA-2016:0054\n\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for\nsigning ServerKeyExchange and Client Authentication packets during a TLS\nhandshake. A man-in-the-middle attacker able to force a TLS connection to\nuse the MD5 hash function could use this flaw to conduct collision attacks\nto impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)\n\nMultiple flaws were discovered in the Libraries, Networking, and JMX\ncomponents in OpenJDK. An untrusted Java application or applet could use\nthese flaws to bypass certain Java sandbox restrictions. (CVE-2015-4871,\nCVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/033656.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/033657.html\n\n**Affected packages:**\njava-1.7.0-openjdk\njava-1.7.0-openjdk-accessibility\njava-1.7.0-openjdk-demo\njava-1.7.0-openjdk-devel\njava-1.7.0-openjdk-headless\njava-1.7.0-openjdk-javadoc\njava-1.7.0-openjdk-src\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0054.html", "edition": 3, "modified": "2016-01-21T17:19:02", "published": "2016-01-21T16:24:45", "href": "http://lists.centos.org/pipermail/centos-announce/2016-January/033656.html", "id": "CESA-2016:0054", "title": "java security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:28:21", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-4871", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "**CentOS Errata and Security Advisory** CESA-2016:0053\n\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for\nsigning ServerKeyExchange and Client Authentication packets during a TLS\nhandshake. A man-in-the-middle attacker able to force a TLS connection to\nuse the MD5 hash function could use this flaw to conduct collision attacks\nto impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)\n\nMultiple flaws were discovered in the Libraries, Networking, and JMX\ncomponents in OpenJDK. An untrusted Java application or applet could use\nthese flaws to bypass certain Java sandbox restrictions. (CVE-2015-4871,\nCVE-2016-0402, CVE-2016-0448)\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website.\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-January/033659.html\n\n**Affected packages:**\njava-1.7.0-openjdk\njava-1.7.0-openjdk-demo\njava-1.7.0-openjdk-devel\njava-1.7.0-openjdk-javadoc\njava-1.7.0-openjdk-src\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0053.html", "edition": 3, "modified": "2016-01-21T17:21:45", "published": "2016-01-21T17:21:45", "href": "http://lists.centos.org/pipermail/centos-announce/2016-January/033659.html", "id": "CESA-2016:0053", "title": "java security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:05", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "[1.6.0.38-1.13.10.0.0.1]\n- Add oracle-enterprise.patch\n[1:1.6.0.38-1.13.10.0]\n- Add patch to replace -fno-strict-overflow with -fwrapv on older RHEL 5.11 GCC.\n- Resolves: rhbz#1295772\n[1:1.6.0.38-1.13.10.0]\n- Update to IcedTea 1.13.10 & OpenJDK 6 b38.\n- Resolves: rhbz#1295772", "edition": 4, "modified": "2016-01-26T00:00:00", "published": "2016-01-26T00:00:00", "id": "ELSA-2016-0067", "href": "http://linux.oracle.com/errata/ELSA-2016-0067.html", "title": "java-1.6.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:12", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402", "CVE-2016-0475"], "description": "[1:1.8.0.71-2.b15]\n- Add md5sum for previous java.security file so it gets updated.\n- Resolves: rhbz#1295753\n[1:1.8.0.71-1.b15]\n- Restore upstream version of system LCMS patch removed by 'sync with Fedora'\n- Add patch to turn off strict overflow on IndicRearrangementProcessor{,2}.cpp\n- Resolves: rhbz#1295753\n[1:1.8.0.71-0.b15]\n- January 2016 security update to u71b15.\n- Improve verbosity and helpfulness of tarball generation script.\n- Remove RH1290936 workaround as RHEL does not have the hardened flags nor ARM32.\n- Update patch documentation using version originally written for Fedora.\n- Drop prelink requirement as we no longer use execstack.\n- Drop ifdefbugfix patch as this is fixed upstream.\n- Provide optional boostrap build and turn it off by default.\n- Turn off additional CFLAGS/LDFLAGS on AArch64 as bootstrapping failed.\n- Add patch for size_t formatting on s390 as size_t != intptr_t there.\n- Resolves: rhbz#1295753\n[1:1.8.0.65-4.b17]\n- moved to integration forest\n- sync with fedora (all but extracted luas and family)\n- Resolves: rhbz#1295753", "edition": 4, "modified": "2016-01-20T00:00:00", "published": "2016-01-20T00:00:00", "id": "ELSA-2016-0049", "href": "http://linux.oracle.com/errata/ELSA-2016-0049.html", "title": "java-1.8.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:46", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402", "CVE-2016-0475"], "description": "[1:1.8.0.71-1.b15]\n- Add patch to turn off strict overflow on IndicRearrangementProcessor{,2}.cpp\n- Resolves: rhbz#1295751\n[1:1.8.0.71-0.b15]\n- January 2016 security update to u71b15.\n- Improve verbosity and helpfulness of tarball generation script.\n- Update patch documentation using version originally written for Fedora.\n- Drop prelink requirement as we no longer use execstack.\n- Drop ifdefbugfix patch as this is fixed upstream.\n- Provide optional boostrap build and turn it off by default.\n- Add patch for size_t formatting on s390 as size_t != intptr_t there.\n- Resolves: rhbz#1295751\n[1:1.8.0.65-4.b17]\n- Add flag logic back to spec file but disable for now.\n- Restore system-lcms.patch as used in October CPU.\n- Resolves: rhbz#1295751\n[1:1.8.0.65-3.b17]\n- moved to integration forest\n- sync with rhel7\n- Resolves: rhbz#1295751", "edition": 4, "modified": "2016-01-20T00:00:00", "published": "2016-01-20T00:00:00", "id": "ELSA-2016-0050", "href": "http://linux.oracle.com/errata/ELSA-2016-0050.html", "title": "java-1.8.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:21", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-4871", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "[1.7.0.95-2.6.4.0.0.1]\n- Update DISTRO_NAME in specfile\n[1:1.7.0.95-2.6.4.0]\n- Remove reference to jre/lib/audio.\n- Resolves: rhbz#1295765\n[1:1.7.0.95-2.6.4.0]\n- Bump to 2.6.4 and u95b00.\n- Backport tarball creation script from OpenJDK 8 RPMs and update fsg.sh to work with it.\n- Drop 8072932or8074489 patch as applied upstream in u91b01.\n- Drop installation of soundfont symlink following inclusion of 8140620/PR2710 in 2.6.3\n- Resolves: rhbz#1295765", "edition": 4, "modified": "2016-01-21T00:00:00", "published": "2016-01-21T00:00:00", "id": "ELSA-2016-0053", "href": "http://linux.oracle.com/errata/ELSA-2016-0053.html", "title": "java-1.7.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:34", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-4871", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "[1.7.0.95-2.6.4.0.0.1]\n- Update DISTRO_NAME in specfile\n[1:1.7.0.95-2.6.4.0]\n- Bump to 2.6.4 and u95b00.\n- Backport tarball creation script from OpenJDK 8 RPMs and update fsg.sh to work with it.\n- Drop 8072932or8074489 patch as applied upstream in u91b01.\n- Add MD5 checksums for last two version of the java.security file.\n- Resolves: rhbz#1295768", "edition": 4, "modified": "2016-01-21T00:00:00", "published": "2016-01-21T00:00:00", "id": "ELSA-2016-0054", "href": "http://linux.oracle.com/errata/ELSA-2016-0054.html", "title": "java-1.7.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:39:04", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "Multiple vulnerabilities were discovered in the OpenJDK JRE related \nto information disclosure, data integrity, and availability. An \nattacker could exploit these to cause a denial of service, expose \nsensitive data over the network, or possibly execute arbitrary code. \n(CVE-2016-0483, CVE-2016-0494)\n\nA vulnerability was discovered in the OpenJDK JRE related to data \nintegrity. An attacker could exploit this to expose sensitive data \nover the network or possibly execute arbitrary code. (CVE-2016-0402)\n\nA vulnerability was discovered in the OpenJDK JRE related to \ninformation disclosure. An attacker could exploit this to expose \nsensitive data over the network. (CVE-2016-0448)\n\nA vulnerability was discovered in the OpenJDK JRE related to \navailability. An attacker could exploit this to cause a denial of \nservice. (CVE-2016-0466)", "edition": 5, "modified": "2016-02-01T00:00:00", "published": "2016-02-01T00:00:00", "id": "USN-2885-1", "href": "https://ubuntu.com/security/notices/USN-2885-1", "title": "OpenJDK 6 vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:39:33", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "Multiple vulnerabilities were discovered in the OpenJDK JRE related \nto information disclosure, data integrity, and availability. An \nattacker could exploit these to cause a denial of service, expose \nsensitive data over the network, or possibly execute arbitrary code. \n(CVE-2016-0483, CVE-2016-0494)\n\nA vulnerability was discovered in the OpenJDK JRE related to data \nintegrity. An attacker could exploit this to expose sensitive data \nover the network or possibly execute arbitrary code. (CVE-2016-0402)\n\nIt was discovered that OpenJDK 7 incorrectly allowed MD5 to be used \nfor TLS connections. If a remote attacker were able to perform a \nman-in-the-middle attack, this flaw could be exploited to expose \nsensitive information. (CVE-2015-7575)\n\nA vulnerability was discovered in the OpenJDK JRE related to \ninformation disclosure. An attacker could exploit this to expose \nsensitive data over the network. (CVE-2016-0448)\n\nA vulnerability was discovered in the OpenJDK JRE related to \navailability. An attacker could exploit this to cause a denial of \nservice. (CVE-2016-0466)", "edition": 5, "modified": "2016-02-01T00:00:00", "published": "2016-02-01T00:00:00", "id": "USN-2884-1", "href": "https://ubuntu.com/security/notices/USN-2884-1", "title": "OpenJDK 7 vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:37:03", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "**Issue Overview:**\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. ([CVE-2016-0483 __](<https://access.redhat.com/security/cve/CVE-2016-0483>))\n\nAn integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. ([CVE-2016-0494 __](<https://access.redhat.com/security/cve/CVE-2016-0494>))\n\nIt was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory. ([CVE-2016-0466 __](<https://access.redhat.com/security/cve/CVE-2016-0466>))\n\nMultiple flaws were discovered in the Networking and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. ([CVE-2016-0402 __](<https://access.redhat.com/security/cve/CVE-2016-0402>), [CVE-2016-0448 __](<https://access.redhat.com/security/cve/CVE-2016-0448>))\n\n \n**Affected Packages:** \n\n\njava-1.6.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.6.0-openjdk_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.73.amzn1.i686 \n java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.73.amzn1.i686 \n java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.73.amzn1.i686 \n java-1.6.0-openjdk-1.6.0.38-1.13.10.0.73.amzn1.i686 \n java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.73.amzn1.i686 \n java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.73.amzn1.i686 \n \n src: \n java-1.6.0-openjdk-1.6.0.38-1.13.10.0.73.amzn1.src \n \n x86_64: \n java-1.6.0-openjdk-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n java-1.6.0-openjdk-debuginfo-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.73.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2016-02-19T15:48:00", "published": "2016-02-19T15:48:00", "id": "ALAS-2016-654", "href": "https://alas.aws.amazon.com/ALAS-2016-654.html", "title": "Important: java-1.6.0-openjdk", "type": "amazon", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-10T12:36:40", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402", "CVE-2016-0475"], "description": "**Issue Overview:**\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. ([CVE-2016-0483 __](<https://access.redhat.com/security/cve/CVE-2016-0483>))\n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. ([CVE-2015-7575 __](<https://access.redhat.com/security/cve/CVE-2015-7575>))\n\nInteger signedness issues were discovered in IndicRearrangementProcessor and IndicRearrangementProcessor2 in the ICU Layout Engine. A specially crafted font file could cause an application using ICU to parse untrusted fonts to crash and, possibly, execute arbitrary code. ([CVE-2016-0494 __](<https://access.redhat.com/security/cve/CVE-2016-0494>))\n\nIt was discovered that the password-based encryption (PBE) implementation in the Libraries component in OpenJDK used an incorrect key length. This could, in certain cases, lead to generation of keys that were weaker than expected. ([CVE-2016-0475 __](<https://access.redhat.com/security/cve/CVE-2016-0475>))\n\nA flaw was found in the deserialization of the URL class in the Networking component of OpenJDK. Deserialization of the specially crafted data could result in creation of the URL object with an inconsistent state. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. ([CVE-2016-0402 __](<https://access.redhat.com/security/cve/CVE-2016-0402>))\n\nIt was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory. ([CVE-2016-0466 __](<https://access.redhat.com/security/cve/CVE-2016-0466>))\n\nIt was discovered that the RMIConnector and RMIConnectionImpl classes in the JMX component of OpenJDK could log sensitive information such as user passwords in its debug log, possibly leading the exposure of the information. ([CVE-2016-0448 __](<https://access.redhat.com/security/cve/CVE-2016-0448>))\n\n \n**Affected Packages:** \n\n\njava-1.8.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.8.0-openjdk_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n java-1.8.0-openjdk-debuginfo-1.8.0.71-2.b15.8.amzn1.i686 \n java-1.8.0-openjdk-demo-1.8.0.71-2.b15.8.amzn1.i686 \n java-1.8.0-openjdk-headless-1.8.0.71-2.b15.8.amzn1.i686 \n java-1.8.0-openjdk-1.8.0.71-2.b15.8.amzn1.i686 \n java-1.8.0-openjdk-src-1.8.0.71-2.b15.8.amzn1.i686 \n java-1.8.0-openjdk-devel-1.8.0.71-2.b15.8.amzn1.i686 \n \n noarch: \n java-1.8.0-openjdk-javadoc-1.8.0.71-2.b15.8.amzn1.noarch \n \n src: \n java-1.8.0-openjdk-1.8.0.71-2.b15.8.amzn1.src \n \n x86_64: \n java-1.8.0-openjdk-debuginfo-1.8.0.71-2.b15.8.amzn1.x86_64 \n java-1.8.0-openjdk-headless-1.8.0.71-2.b15.8.amzn1.x86_64 \n java-1.8.0-openjdk-src-1.8.0.71-2.b15.8.amzn1.x86_64 \n java-1.8.0-openjdk-1.8.0.71-2.b15.8.amzn1.x86_64 \n java-1.8.0-openjdk-demo-1.8.0.71-2.b15.8.amzn1.x86_64 \n java-1.8.0-openjdk-devel-1.8.0.71-2.b15.8.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2016-02-09T13:30:00", "published": "2016-02-09T13:30:00", "id": "ALAS-2016-647", "href": "https://alas.aws.amazon.com/ALAS-2016-647.html", "title": "Important: java-1.8.0-openjdk", "type": "amazon", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-10T12:37:03", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-4871", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "**Issue Overview:**\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. ([CVE-2016-0483 __](<https://access.redhat.com/security/cve/CVE-2016-0483>))\n\nAn integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. ([CVE-2016-0494 __](<https://access.redhat.com/security/cve/CVE-2016-0494>))\n\nIt was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory. ([CVE-2016-0466 __](<https://access.redhat.com/security/cve/CVE-2016-0466>))\n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. ([CVE-2015-7575 __](<https://access.redhat.com/security/cve/CVE-2015-7575>))\n\nMultiple flaws were discovered in the Libraries, Networking, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. ([CVE-2015-4871 __](<https://access.redhat.com/security/cve/CVE-2015-4871>), [CVE-2016-0402 __](<https://access.redhat.com/security/cve/CVE-2016-0402>), [CVE-2016-0448 __](<https://access.redhat.com/security/cve/CVE-2016-0448>))\n\nNote: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. \n\n\n \n**Affected Packages:** \n\n\njava-1.7.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.7.0-openjdk_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.65.amzn1.i686 \n java-1.7.0-openjdk-1.7.0.95-2.6.4.0.65.amzn1.i686 \n java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.65.amzn1.i686 \n java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.65.amzn1.i686 \n java-1.7.0-openjdk-debuginfo-1.7.0.95-2.6.4.0.65.amzn1.i686 \n \n noarch: \n java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.65.amzn1.noarch \n \n src: \n java-1.7.0-openjdk-1.7.0.95-2.6.4.0.65.amzn1.src \n \n x86_64: \n java-1.7.0-openjdk-debuginfo-1.7.0.95-2.6.4.0.65.amzn1.x86_64 \n java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.65.amzn1.x86_64 \n java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.65.amzn1.x86_64 \n java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.65.amzn1.x86_64 \n java-1.7.0-openjdk-1.7.0.95-2.6.4.0.65.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2016-02-09T13:30:00", "published": "2016-02-09T13:30:00", "id": "ALAS-2016-643", "href": "https://alas.aws.amazon.com/ALAS-2016-643.html", "title": "Important: java-1.7.0-openjdk", "type": "amazon", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:35:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "Check the version of java", "modified": "2019-03-08T00:00:00", "published": "2016-01-27T00:00:00", "id": "OPENVAS:1361412562310882378", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882378", "type": "openvas", "title": "CentOS Update for java CESA-2016:0067 centos7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for java CESA-2016:0067 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882378\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-27 05:12:31 +0100 (Wed, 27 Jan 2016)\");\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\",\n \"CVE-2016-0494\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for java CESA-2016:0067 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of java\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The java-1.6.0-openjdk packages provide\nthe OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software\nDevelopment Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\");\n script_tag(name:\"affected\", value:\"java on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0067\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-January/021628.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.38~1.13.10.0.el7_2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.38~1.13.10.0.el7_2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.38~1.13.10.0.el7_2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.38~1.13.10.0.el7_2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.38~1.13.10.0.el7_2\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "Check the version of java", "modified": "2019-03-08T00:00:00", "published": "2016-01-27T00:00:00", "id": "OPENVAS:1361412562310882379", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882379", "type": "openvas", "title": "CentOS Update for java CESA-2016:0067 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for java CESA-2016:0067 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882379\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-27 05:12:38 +0100 (Wed, 27 Jan 2016)\");\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for java CESA-2016:0067 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of java\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The java-1.6.0-openjdk packages provide\nthe OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software\nDevelopment Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\");\n script_tag(name:\"affected\", value:\"java on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0067\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-January/021626.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.38~1.13.10.0.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.38~1.13.10.0.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.38~1.13.10.0.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.38~1.13.10.0.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.38~1.13.10.0.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2016-02-05T00:00:00", "id": "OPENVAS:1361412562310842626", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842626", "type": "openvas", "title": "Ubuntu Update for openjdk-6 USN-2885-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for openjdk-6 USN-2885-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842626\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-05 13:14:36 +0530 (Fri, 05 Feb 2016)\");\n script_cve_id(\"CVE-2016-0483\", \"CVE-2016-0494\", \"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for openjdk-6 USN-2885-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openjdk-6'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were discovered\n in the OpenJDK JRE related to information disclosure, data integrity, and\n availability. An attacker could exploit these to cause a denial of service,\n expose sensitive data over the network, or possibly execute arbitrary code.\n (CVE-2016-0483, CVE-2016-0494)\n\n A vulnerability was discovered in the OpenJDK JRE related to data\n integrity. An attacker could exploit this to expose sensitive data\n over the network or possibly execute arbitrary code. (CVE-2016-0402)\n\n A vulnerability was discovered in the OpenJDK JRE related to\n information disclosure. An attacker could exploit this to expose\n sensitive data over the network. (CVE-2016-0448)\n\n A vulnerability was discovered in the OpenJDK JRE related to\n availability. An attacker could exploit this to cause a denial of\n service. (CVE-2016-0466)\");\n\n script_tag(name:\"affected\", value:\"openjdk-6 on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2885-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2885-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao:amd64\", ver:\"6b38-1.13.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao:i386\", ver:\"6b38-1.13.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-jamvm:i386\", ver:\"6b38-1.13.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-jamvm:amd64\", ver:\"6b38-1.13.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre:i386\", ver:\"6b38-1.13.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre:amd64\", ver:\"6b38-1.13.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless:amd64\", ver:\"6b38-1.13.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless:i386\", ver:\"6b38-1.13.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", ver:\"6b38-1.13.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero:i386\", ver:\"6b38-1.13.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero:amd64\", ver:\"6b38-1.13.10-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "Check the version of java", "modified": "2019-03-08T00:00:00", "published": "2016-01-27T00:00:00", "id": "OPENVAS:1361412562310882380", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882380", "type": "openvas", "title": "CentOS Update for java CESA-2016:0067 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for java CESA-2016:0067 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882380\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-27 05:12:44 +0100 (Wed, 27 Jan 2016)\");\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\",\n \"CVE-2016-0494\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for java CESA-2016:0067 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of java\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The java-1.6.0-openjdk packages provide\nthe OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software\nDevelopment Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\");\n script_tag(name:\"affected\", value:\"java on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:0067\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-January/021627.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.38~1.13.10.0.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.38~1.13.10.0.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.38~1.13.10.0.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.38~1.13.10.0.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.38~1.13.10.0.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "Oracle Linux Local Security Checks ELSA-2016-0067", "modified": "2019-03-14T00:00:00", "published": "2016-01-27T00:00:00", "id": "OPENVAS:1361412562310122860", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122860", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2016-0067", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2016-0067.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122860\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-01-27 07:27:54 +0200 (Wed, 27 Jan 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2016-0067\");\n script_tag(name:\"insight\", value:\"ELSA-2016-0067 - java-1.6.0-openjdk security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2016-0067\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2016-0067.html\");\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.38~1.13.10.0.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.38~1.13.10.0.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.38~1.13.10.0.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.38~1.13.10.0.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.38~1.13.10.0.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.38~1.13.10.0.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.38~1.13.10.0.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.38~1.13.10.0.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.38~1.13.10.0.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.38~1.13.10.0.0.1.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.38~1.13.10.0.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.38~1.13.10.0.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.38~1.13.10.0.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.38~1.13.10.0.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.38~1.13.10.0.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T22:55:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2016-03-08T00:00:00", "id": "OPENVAS:1361412562310120644", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120644", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2016-654)", "sourceData": "# Copyright (C) 2016 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120644\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-03-08 07:12:16 +0200 (Tue, 08 Mar 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-654)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in OpenJDK. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update java-1.6.0-openjdk to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-654.html\");\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0483\", \"CVE-2016-0466\", \"CVE-2016-0494\", \"CVE-2016-0448\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.38~1.13.10.0.73.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.38~1.13.10.0.73.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.38~1.13.10.0.73.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.38~1.13.10.0.73.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.38~1.13.10.0.73.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-debuginfo\", rpm:\"java-1.6.0-openjdk-debuginfo~1.6.0.38~1.13.10.0.73.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2016-01-27T00:00:00", "id": "OPENVAS:1361412562310871548", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871548", "type": "openvas", "title": "RedHat Update for java-1.6.0-openjdk RHSA-2016:0067-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for java-1.6.0-openjdk RHSA-2016:0067-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871548\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-27 05:12:12 +0100 (Wed, 27 Jan 2016)\");\n script_cve_id(\"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\", \"CVE-2016-0483\",\n \"CVE-2016-0494\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for java-1.6.0-openjdk RHSA-2016:0067-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1.6.0-openjdk'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The java-1.6.0-openjdk packages provide the\nOpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\");\n script_tag(name:\"affected\", value:\"java-1.6.0-openjdk on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:0067-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-January/msg00036.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6|5)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.38~1.13.10.0.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-debuginfo\", rpm:\"java-1.6.0-openjdk-debuginfo~1.6.0.38~1.13.10.0.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.38~1.13.10.0.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.38~1.13.10.0.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-debuginfo\", rpm:\"java-1.6.0-openjdk-debuginfo~1.6.0.38~1.13.10.0.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.38~1.13.10.0.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.38~1.13.10.0.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.38~1.13.10.0.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-debuginfo\", rpm:\"java-1.6.0-openjdk-debuginfo~1.6.0.38~1.13.10.0.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.38~1.13.10.0.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.38~1.13.10.0.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.38~1.13.10.0.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.38~1.13.10.0.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:54:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "Several vulnerabilities have been\ndiscovered in OpenJDK, an implementation of the Oracle Java platform, resulting\nin breakouts of the Java sandbox, information disclosur, denial of service and\ninsecure cryptography.", "modified": "2017-07-07T00:00:00", "published": "2016-01-27T00:00:00", "id": "OPENVAS:703458", "href": "http://plugins.openvas.org/nasl.php?oid=703458", "type": "openvas", "title": "Debian Security Advisory DSA 3458-1 (openjdk-7 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3458.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3458-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703458);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2015-7575\", \"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\",\n \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_name(\"Debian Security Advisory DSA 3458-1 (openjdk-7 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-01-27 00:00:00 +0100 (Wed, 27 Jan 2016)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3458.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"openjdk-7 on Debian Linux\");\n script_tag(name: \"insight\", value: \"OpenJDK is a development environment for\nbuilding applications, applets, and components using the Java programming\nlanguage.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 7u95-2.6.4-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 7u95-2.6.4-1~deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7u95-2.6.4-1.\n\nWe recommend that you upgrade your openjdk-7 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been\ndiscovered in OpenJDK, an implementation of the Oracle Java platform, resulting\nin breakouts of the Java sandbox, information disclosur, denial of service and\ninsecure cryptography.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"icedtea-7-jre-jamvm:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedtea-7-jre-jamvm:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-dbg:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-dbg:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-demo\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-doc\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jdk:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jdk:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre-headless:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre-headless:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre-lib\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre-zero:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre-zero:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-source\", ver:\"7u95-2.6.4-1~deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedtea-7-jre-cacao:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedtea-7-jre-cacao:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedtea-7-jre-jamvm:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedtea-7-jre-jamvm:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-dbg:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-dbg:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-demo\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-doc\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jdk:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jdk:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre-headless:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre-headless:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre-lib\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre-zero:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-jre-zero:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openjdk-7-source\", ver:\"7u95-2.6.4-1~deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:34:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "Several vulnerabilities have been\ndiscovered in OpenJDK, an implementation of the Oracle Java platform, resulting\nin breakouts of the Java sandbox, information disclosur, denial of service and\ninsecure cryptography.", "modified": "2019-03-18T00:00:00", "published": "2016-01-27T00:00:00", "id": "OPENVAS:1361412562310703458", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703458", "type": "openvas", "title": "Debian Security Advisory DSA 3458-1 (openjdk-7 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3458.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3458-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703458\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2015-7575\", \"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\",\n \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_name(\"Debian Security Advisory DSA 3458-1 (openjdk-7 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-27 00:00:00 +0100 (Wed, 27 Jan 2016)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3458.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(8|7)\");\n script_tag(name:\"affected\", value:\"openjdk-7 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 7u95-2.6.4-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 7u95-2.6.4-1~deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7u95-2.6.4-1.\n\nWe recommend that you upgrade your openjdk-7 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been\ndiscovered in OpenJDK, an implementation of the Oracle Java platform, resulting\nin breakouts of the Java sandbox, information disclosur, denial of service and\ninsecure cryptography.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"icedtea-7-jre-jamvm:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedtea-7-jre-jamvm:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-dbg:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-dbg:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-demo\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-doc\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jdk:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jdk:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre-headless:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre-headless:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre-lib\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre-zero:amd64\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre-zero:i386\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-source\", ver:\"7u95-2.6.4-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedtea-7-jre-cacao:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedtea-7-jre-cacao:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedtea-7-jre-jamvm:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedtea-7-jre-jamvm:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-dbg:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-dbg:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-demo\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-doc\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jdk:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jdk:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre-headless:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre-headless:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre-lib\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre-zero:amd64\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-jre-zero:i386\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-7-source\", ver:\"7u95-2.6.4-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "Several vulnerabilities have been\ndiscovered in OpenJDK, an implementation of the Oracle Java platform, resulting in\nbreakouts of the Java sandbox, information disclosure, denial of service and\ninsecure cryptography.", "modified": "2019-03-18T00:00:00", "published": "2016-02-05T00:00:00", "id": "OPENVAS:1361412562310703465", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703465", "type": "openvas", "title": "Debian Security Advisory DSA 3465-1 (openjdk-6 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3465.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3465-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703465\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2015-7575\", \"CVE-2016-0402\", \"CVE-2016-0448\", \"CVE-2016-0466\",\n \"CVE-2016-0483\", \"CVE-2016-0494\");\n script_name(\"Debian Security Advisory DSA 3465-1 (openjdk-6 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-05 13:14:30 +0530 (Fri, 05 Feb 2016)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3465.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"openjdk-6 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 6b38-1.13.10-1~deb7u1.\n\nWe recommend that you upgrade your openjdk-6 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been\ndiscovered in OpenJDK, an implementation of the Oracle Java platform, resulting in\nbreakouts of the Java sandbox, information disclosure, denial of service and\ninsecure cryptography.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao:amd64\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao:i386\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedtea-6-jre-jamvm:amd64\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedtea-6-jre-jamvm:i386\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-dbg:amd64\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-dbg:i386\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-jdk:amd64\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-jdk:i386\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-jre:amd64\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-jre:i386\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless:amd64\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless:i386\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib:amd64\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib:i386\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero:amd64\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero:i386\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b38-1.13.10-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:47:02", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0402", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0483", "CVE-2016-0494"], "description": "The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime\nEnvironment and the OpenJDK 6 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n", "modified": "2018-06-06T20:24:33", "published": "2016-01-26T05:00:00", "id": "RHSA-2016:0067", "href": "https://access.redhat.com/errata/RHSA-2016:0067", "type": "redhat", "title": "(RHSA-2016:0067) Important: java-1.6.0-openjdk security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:08", "bulletinFamily": "unix", "cvelist": ["CVE-2015-7575", "CVE-2016-0402", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0475", "CVE-2016-0483", "CVE-2016-0494"], "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime\nEnvironment and the OpenJDK 8 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the password-based encryption (PBE) implementation\nin the Libraries component in OpenJDK used an incorrect key length. This\ncould, in certain cases, lead to generation of keys that were weaker than\nexpected. (CVE-2016-0475)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for\nsigning ServerKeyExchange and Client Authentication packets during a TLS\nhandshake. A man-in-the-middle attacker able to force a TLS connection to\nuse the MD5 hash function could use this flaw to conduct collision attacks\nto impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website.\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.8.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.", "modified": "2018-04-12T03:33:29", "published": "2016-01-20T23:56:54", "id": "RHSA-2016:0049", "href": "https://access.redhat.com/errata/RHSA-2016:0049", "type": "redhat", "title": "(RHSA-2016:0049) Critical: java-1.8.0-openjdk security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:09", "bulletinFamily": "unix", "cvelist": ["CVE-2015-7575", "CVE-2016-0402", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0475", "CVE-2016-0483", "CVE-2016-0494"], "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime\nEnvironment and the OpenJDK 8 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the password-based encryption (PBE) implementation\nin the Libraries component in OpenJDK used an incorrect key length. This\ncould, in certain cases, lead to generation of keys that were weaker than\nexpected. (CVE-2016-0475)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for\nsigning ServerKeyExchange and Client Authentication packets during a TLS\nhandshake. A man-in-the-middle attacker able to force a TLS connection to\nuse the MD5 hash function could use this flaw to conduct collision attacks\nto impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)\n\nMultiple flaws were discovered in the Networking and JMX components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.8.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n", "modified": "2018-06-06T20:24:08", "published": "2016-01-20T05:00:00", "id": "RHSA-2016:0050", "href": "https://access.redhat.com/errata/RHSA-2016:0050", "type": "redhat", "title": "(RHSA-2016:0050) Important: java-1.8.0-openjdk security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:08", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8126", "CVE-2015-8472", "CVE-2016-0402", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0483", "CVE-2016-0494"], "description": "Oracle Java SE version 6 includes the Oracle Java Runtime Environment and\nthe Oracle Java Software Development Kit.\n\nThis update fixes several vulnerabilities in the Oracle Java Runtime\nEnvironment and the Oracle Java Software Development Kit. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory page, listed in the References section.\n(CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466,\nCVE-2016-0483, CVE-2016-0494)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.6.0-sun are advised to upgrade to these updated\npackages, which provide Oracle Java 6 Update 111 and resolve these issues.\nAll running instances of Oracle Java must be restarted for the update to\ntake effect.", "modified": "2018-06-07T18:20:30", "published": "2016-01-21T16:15:11", "id": "RHSA-2016:0057", "href": "https://access.redhat.com/errata/RHSA-2016:0057", "type": "redhat", "title": "(RHSA-2016:0057) Important: java-1.6.0-sun security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:55", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4871", "CVE-2015-7575", "CVE-2016-0402", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0483", "CVE-2016-0494"], "description": "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for\nsigning ServerKeyExchange and Client Authentication packets during a TLS\nhandshake. A man-in-the-middle attacker able to force a TLS connection to\nuse the MD5 hash function could use this flaw to conduct collision attacks\nto impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)\n\nMultiple flaws were discovered in the Libraries, Networking, and JMX\ncomponents in OpenJDK. An untrusted Java application or applet could use\nthese flaws to bypass certain Java sandbox restrictions. (CVE-2015-4871,\nCVE-2016-0402, CVE-2016-0448)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n", "modified": "2018-04-12T03:32:37", "published": "2016-01-21T05:00:00", "id": "RHSA-2016:0054", "href": "https://access.redhat.com/errata/RHSA-2016:0054", "type": "redhat", "title": "(RHSA-2016:0054) Important: java-1.7.0-openjdk security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:00", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4871", "CVE-2015-7575", "CVE-2016-0402", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0483", "CVE-2016-0494"], "description": "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nAn out-of-bounds write flaw was found in the JPEG image format decoder in\nthe AWT component in OpenJDK. A specially crafted JPEG image could cause\na Java application to crash or, possibly execute arbitrary code. An\nuntrusted Java application or applet could use this flaw to bypass Java\nsandbox restrictions. (CVE-2016-0483)\n\nAn integer signedness issue was found in the font parsing code in the 2D\ncomponent in OpenJDK. A specially crafted font file could possibly cause\nthe Java Virtual Machine to execute arbitrary code, allowing an untrusted\nJava application or applet to bypass Java sandbox restrictions.\n(CVE-2016-0494)\n\nIt was discovered that the JAXP component in OpenJDK did not properly\nenforce the totalEntitySizeLimit limit. An attacker able to make a Java\napplication process a specially crafted XML file could use this flaw to\nmake the application consume an excessive amount of memory. (CVE-2016-0466)\n\nA flaw was found in the way TLS 1.2 could use the MD5 hash function for\nsigning ServerKeyExchange and Client Authentication packets during a TLS\nhandshake. A man-in-the-middle attacker able to force a TLS connection to\nuse the MD5 hash function could use this flaw to conduct collision attacks\nto impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)\n\nMultiple flaws were discovered in the Libraries, Networking, and JMX\ncomponents in OpenJDK. An untrusted Java application or applet could use\nthese flaws to bypass certain Java sandbox restrictions. (CVE-2015-4871,\nCVE-2016-0402, CVE-2016-0448)\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website.\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n", "modified": "2018-06-06T20:24:08", "published": "2016-01-21T05:00:00", "id": "RHSA-2016:0053", "href": "https://access.redhat.com/errata/RHSA-2016:0053", "type": "redhat", "title": "(RHSA-2016:0053) Critical: java-1.7.0-openjdk security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:39", "bulletinFamily": "unix", "cvelist": ["CVE-2015-7575", "CVE-2015-8126", "CVE-2015-8472", "CVE-2016-0402", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0483", "CVE-2016-0494"], "description": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and\nthe Oracle Java Software Development Kit.\n\nThis update fixes several vulnerabilities in the Oracle Java Runtime\nEnvironment and the Oracle Java Software Development Kit. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory page, listed in the References section.\n(CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448,\nCVE-2016-0466, CVE-2016-0483, CVE-2016-0494)\n\nNote: This update also disallows the use of the MD5 hash algorithm in the\ncertification path processing. The use of MD5 can be re-enabled by removing\nMD5 from the jdk.certpath.disabledAlgorithms security property defined in\nthe java.security file.\n\nAll users of java-1.7.0-oracle are advised to upgrade to these updated\npackages, which provide Oracle Java 7 Update 95 and resolve these issues.\nAll running instances of Oracle Java must be restarted for the update to\ntake effect.", "modified": "2018-06-07T18:20:33", "published": "2016-01-21T16:14:52", "id": "RHSA-2016:0056", "href": "https://access.redhat.com/errata/RHSA-2016:0056", "type": "redhat", "title": "(RHSA-2016:0056) Critical: java-1.7.0-oracle security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-08-12T00:51:39", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3458-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 27, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openjdk-7\nCVE ID : CVE-2015-7575 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 \n CVE-2016-0483 CVE-2016-0494\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in breakouts of\nthe Java sandbox, information disclosur, denial of service and insecure\ncryptography.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 7u95-2.6.4-1~deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 7u95-2.6.4-1~deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7u95-2.6.4-1.\n\nWe recommend that you upgrade your openjdk-7 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 11, "modified": "2016-01-27T21:01:10", "published": "2016-01-27T21:01:10", "id": "DEBIAN:DSA-3458-1:53966", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00028.html", "title": "[SECURITY] [DSA 3458-1] openjdk-7 security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:21:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3465-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 02, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openjdk-6\nCVE ID : CVE-2015-7575 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 \n CVE-2016-0483 CVE-2016-0494\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in breakouts of\nthe Java sandbox, information disclosur, denial of service and insecure\ncryptography.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 6b38-1.13.10-1~deb7u1.\n\nWe recommend that you upgrade your openjdk-6 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2016-02-02T21:32:31", "published": "2016-02-02T21:32:31", "id": "DEBIAN:DSA-3465-1:584E2", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00035.html", "title": "[SECURITY] [DSA 3465-1] openjdk-6 security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "atlassian": [{"lastseen": "2017-03-22T18:16:53", "bulletinFamily": "software", "cvelist": ["CVE-2016-0483"], "edition": 1, "description": "Update the bundled version of java to a version >= 1.8u71 (1.8 update 71), which fixes many security issues (http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA).\r\nIncluded in the security fixes is a fix for CVE-2016-0483 \"An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions\".\r\n\r\n\r\nEdit: updating to latest - 1.8.0_74\r\n\r\n", "modified": "2016-07-20T02:32:56", "published": "2016-02-04T02:48:28", "href": "https://jira.atlassian.com/browse/CONF-40671", "id": "ATLASSIAN:CONF-40671", "title": "Update Java version bundled found in the installer to a version >= 1.8u71", "type": "atlassian", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-03-22T18:16:54", "bulletinFamily": "software", "cvelist": ["CVE-2016-0483"], "edition": 1, "description": "Update the bundled version of java to a version >= 1.8u71 (1.8 update 71), which fixes many security issues (http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA).\r\nIncluded in the security fixes is a fix for CVE-2016-0483 \"An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions\".\r\n\r\n", "modified": "2016-10-05T23:35:31", "published": "2016-02-04T02:52:06", "id": "ATLASSIAN:JRA-59661", "href": "https://jira.atlassian.com/browse/JRA-59661", "title": "Update Java version bundled found in the installer to a version >= 1.8u71", "type": "atlassian", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-12-24T14:35:23", "bulletinFamily": "software", "cvelist": ["CVE-2016-0483"], "description": "Update the bundled version of java to a version >= 1.8u71 (1.8 update 71), which fixes many security issues (http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA).\r\nIncluded in the security fixes is a fix for CVE-2016-0483 \"An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions\".\r\n\r\n", "edition": 10, "modified": "2019-03-28T00:19:58", "published": "2016-02-04T02:52:06", "id": "ATLASSIAN:JRASERVER-59661", "href": "https://jira.atlassian.com/browse/JRASERVER-59661", "title": "Update Java version bundled found in the installer to a version >= 1.8u71", "type": "atlassian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T14:35:31", "bulletinFamily": "software", "cvelist": ["CVE-2016-0483"], "description": "Update the bundled version of java to a version >= 1.8u71 (1.8 update 71), which fixes many security issues (http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA).\r\nIncluded in the security fixes is a fix for CVE-2016-0483 \"An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions\".\r\n\r\n\r\nEdit: updating to latest - 1.8.0_74\r\n\r\n", "edition": 7, "modified": "2018-10-11T08:59:03", "published": "2016-02-04T02:48:28", "id": "ATLASSIAN:CONFSERVER-40671", "href": "https://jira.atlassian.com/browse/CONFSERVER-40671", "title": "Update Java version bundled found in the installer to a version >= 1.8u71", "type": "atlassian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "zdi": [{"lastseen": "2020-06-22T11:40:57", "bulletinFamily": "info", "cvelist": ["CVE-2016-0483"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of image data. The issue lies in insufficient validation of supplied image data inside the native function readImage. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process.", "modified": "2016-06-22T00:00:00", "published": "2016-01-25T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-16-032/", "id": "ZDI-16-032", "title": " Oracle Java readImage Heap Overflow Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2020-09-02T12:01:30", "bulletinFamily": "info", "cvelist": ["CVE-2015-8126", "CVE-2016-0483", "CVE-2016-0448", "CVE-2015-7575", "CVE-2016-0466", "CVE-2016-0494", "CVE-2016-0402", "CVE-2016-0475"], "description": "### *Detect date*:\n01/20/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nAn unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can affect application confidentiality, integrity and availability. These vulnerabilities can be exploited remotely via an unknown vectors related to 2D, AWT, Libraries, Networking, JAXP, JMX and Security.\n\n### *Affected products*:\nOracle Java SE 6.105, 7.91 and 8.66 \nOracle Java SE embedded 8.65\n\n### *Solution*:\nUpdate to the latest version \n[Java SE downloads page](<http://www.oracle.com/technetwork/java/javase/downloads/index.html>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle Java JRE 1.7.x](<https://threats.kaspersky.com/en/product/Oracle-Java-JRE-1.7.x/>)\n\n### *CVE-IDS*:\n[CVE-2016-0475](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0475>)5.8High \n[CVE-2016-0402](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402>)5.0Critical \n[CVE-2016-0466](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466>)5.0Critical \n[CVE-2016-0448](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448>)4.0Warning \n[CVE-2016-0494](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494>)10.0Critical \n[CVE-2016-0483](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483>)10.0Critical \n[CVE-2015-8126](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8126>)7.5Critical \n[CVE-2015-7575](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575>)4.3Warning", "edition": 41, "modified": "2020-05-22T00:00:00", "published": "2016-01-20T00:00:00", "id": "KLA10743", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10743", "title": "\r KLA10743Multiple vulnerabilities in Oracle Java SE ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
