Sun JDK/JRE: Multiple vulnerabilities

2008-04-17T00:00:00

Description

### Background The Sun Java Development Kit (JDK) and the Sun Java Runtime Environment (JRE) provide the Sun Java platform. ### Description Multiple vulnerabilities have been discovered in Sun Java: * Daniel Soeder discovered that a long codebase attribute string in a JNLP file will overflow a stack variable when launched by Java WebStart (CVE-2007-3655). * Multiple vulnerabilities (CVE-2007-2435, CVE-2007-2788, CVE-2007-2789) that were previously reported as GLSA 200705-23 and GLSA 200706-08 also affect 1.4 and 1.6 SLOTs, which was not mentioned in the initial revision of said GLSAs. * The Zero Day Initiative, TippingPoint and John Heasman reported multiple buffer overflows and unspecified vulnerabilities in Java Web Start (CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191). * Hisashi Kojima of Fujitsu and JPCERT/CC reported a security issue when performing XSLT transformations (CVE-2008-1187). * CERT/CC reported a Stack-based buffer overflow in Java Web Start when using JNLP files (CVE-2008-1196). * Azul Systems reported an unspecified vulnerability that allows applets to escalate their privileges (CVE-2007-5689). * Billy Rios, Dan Boneh, Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and David Byrne discovered multiple instances where Java applets or JavaScript programs run within browsers do not pin DNS hostnames to a single IP address, allowing for DNS rebinding attacks (CVE-2007-5232, CVE-2007-5273, CVE-2007-5274). * Peter Csepely reported that Java Web Start does not properly enforce access restrictions for untrusted applications (CVE-2007-5237, CVE-2007-5238). * Java Web Start does not properly enforce access restrictions for untrusted Java applications and applets, when handling drag-and-drop operations (CVE-2007-5239). * Giorgio Maone discovered that warnings for untrusted code can be hidden under applications' windows (CVE-2007-5240). * Fujitsu reported two security issues where security restrictions of web applets and applications were not properly enforced (CVE-2008-1185, CVE-2008-1186). * John Heasman of NGSSoftware discovered that the Java Plug-in does not properly enforce the same origin policy (CVE-2008-1192). * Chris Evans of the Google Security Team discovered multiple unspecified vulnerabilities within the Java Runtime Environment Image Parsing Library (CVE-2008-1193, CVE-2008-1194). * Gregory Fleischer reported that web content fetched via the "jar:" protocol was not subject to network access restrictions (CVE-2008-1195). * Chris Evans and Johannes Henkel of the Google Security Team reported that the XML parsing code retrieves external entities even when that feature is disabled (CVE-2008-0628). * Multiple unspecified vulnerabilities might allow for escalation of privileges (CVE-2008-0657). ### Impact A remote attacker could entice a user to run a specially crafted applet on a website or start an application in Java Web Start to execute arbitrary code outside of the Java sandbox and of the Java security restrictions with the privileges of the user running Java. The attacker could also obtain sensitive information, create, modify, rename and read local files, execute local applications, establish connections in the local network, bypass the same origin policy, and cause a Denial of Service via multiple vectors. ### Workaround There is no known workaround at this time. ### Resolution All Sun JRE 1.6 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.6.0.05" All Sun JRE 1.5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.5.0.15" All Sun JRE 1.4 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.4.2.17" All Sun JDK 1.6 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.6.0.05" All Sun JDK 1.5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.5.0.15" All Sun JDK 1.4 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.4.2.17" All emul-linux-x86-java 1.6 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/emul-linux-x86-java-1.6.0.05" All emul-linux-x86-java 1.5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/emul-linux-x86-java-1.5.0.15" All emul-linux-x86-java 1.4 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/emul-linux-x86-java-1.4.2.17"

Affected Package

OS	OS Version	Package Name	Package Version
Gentoo	any	dev-java/sun-jre-bin	1.6.0.05
Gentoo	any	dev-java/sun-jdk	1.6.0.05
Gentoo	any	app-emulation/emul-linux-x86-java	1.6.0.05

{"id": "GLSA-200804-20", "vendorId": null, "type": "gentoo", "bulletinFamily": "unix", "title": "Sun JDK/JRE: Multiple vulnerabilities", "description": "### Background\n\nThe Sun Java Development Kit (JDK) and the Sun Java Runtime Environment (JRE) provide the Sun Java platform. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Sun Java: \n\n * Daniel Soeder discovered that a long codebase attribute string in a JNLP file will overflow a stack variable when launched by Java WebStart (CVE-2007-3655).\n * Multiple vulnerabilities (CVE-2007-2435, CVE-2007-2788, CVE-2007-2789) that were previously reported as GLSA 200705-23 and GLSA 200706-08 also affect 1.4 and 1.6 SLOTs, which was not mentioned in the initial revision of said GLSAs.\n * The Zero Day Initiative, TippingPoint and John Heasman reported multiple buffer overflows and unspecified vulnerabilities in Java Web Start (CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191).\n * Hisashi Kojima of Fujitsu and JPCERT/CC reported a security issue when performing XSLT transformations (CVE-2008-1187).\n * CERT/CC reported a Stack-based buffer overflow in Java Web Start when using JNLP files (CVE-2008-1196).\n * Azul Systems reported an unspecified vulnerability that allows applets to escalate their privileges (CVE-2007-5689).\n * Billy Rios, Dan Boneh, Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and David Byrne discovered multiple instances where Java applets or JavaScript programs run within browsers do not pin DNS hostnames to a single IP address, allowing for DNS rebinding attacks (CVE-2007-5232, CVE-2007-5273, CVE-2007-5274).\n * Peter Csepely reported that Java Web Start does not properly enforce access restrictions for untrusted applications (CVE-2007-5237, CVE-2007-5238).\n * Java Web Start does not properly enforce access restrictions for untrusted Java applications and applets, when handling drag-and-drop operations (CVE-2007-5239).\n * Giorgio Maone discovered that warnings for untrusted code can be hidden under applications' windows (CVE-2007-5240).\n * Fujitsu reported two security issues where security restrictions of web applets and applications were not properly enforced (CVE-2008-1185, CVE-2008-1186).\n * John Heasman of NGSSoftware discovered that the Java Plug-in does not properly enforce the same origin policy (CVE-2008-1192).\n * Chris Evans of the Google Security Team discovered multiple unspecified vulnerabilities within the Java Runtime Environment Image Parsing Library (CVE-2008-1193, CVE-2008-1194).\n * Gregory Fleischer reported that web content fetched via the \"jar:\" protocol was not subject to network access restrictions (CVE-2008-1195).\n * Chris Evans and Johannes Henkel of the Google Security Team reported that the XML parsing code retrieves external entities even when that feature is disabled (CVE-2008-0628).\n * Multiple unspecified vulnerabilities might allow for escalation of privileges (CVE-2008-0657).\n\n### Impact\n\nA remote attacker could entice a user to run a specially crafted applet on a website or start an application in Java Web Start to execute arbitrary code outside of the Java sandbox and of the Java security restrictions with the privileges of the user running Java. The attacker could also obtain sensitive information, create, modify, rename and read local files, execute local applications, establish connections in the local network, bypass the same origin policy, and cause a Denial of Service via multiple vectors. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Sun JRE 1.6 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/sun-jre-bin-1.6.0.05\"\n\nAll Sun JRE 1.5 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/sun-jre-bin-1.5.0.15\"\n\nAll Sun JRE 1.4 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/sun-jre-bin-1.4.2.17\"\n\nAll Sun JDK 1.6 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/sun-jdk-1.6.0.05\"\n\nAll Sun JDK 1.5 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/sun-jdk-1.5.0.15\"\n\nAll Sun JDK 1.4 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/sun-jdk-1.4.2.17\"\n\nAll emul-linux-x86-java 1.6 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-emulation/emul-linux-x86-java-1.6.0.05\"\n\nAll emul-linux-x86-java 1.5 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-emulation/emul-linux-x86-java-1.5.0.15\"\n\nAll emul-linux-x86-java 1.4 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-emulation/emul-linux-x86-java-1.4.2.17\"", "published": "2008-04-17T00:00:00", "modified": "2010-03-05T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://security.gentoo.org/glsa/200804-20", "reporter": "Gentoo Foundation", "references": [], "cvelist": ["CVE-2007-2435", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3655", "CVE-2007-5232", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274", "CVE-2007-5689", "CVE-2008-0628", "CVE-2008-0657", "CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196"], "immutableFields": [], "lastseen": "2022-01-17T19:15:27", "viewCount": 8, "enchantments": {"dependencies": {"references": [{"type": "cert", "idList": ["VU:138545", "VU:223028", "VU:336105"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2007-276", "CPAI-2008-263", "CPAI-2014-0050", "CPAI-2014-0784"]}, {"type": "cve", "idList": ["CVE-2007-2435", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3004", "CVE-2007-3005", "CVE-2007-3655", "CVE-2007-5232", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274", "CVE-2007-5689", "CVE-2008-0628", "CVE-2008-0657", "CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196", "CVE-2008-1240", "CVE-2009-3885"]}, {"type": "d2", "idList": ["D2SEC_JAVAWS"]}, {"type": "f5", "idList": ["F5:K16475", "SOL16475", "SOL8424"]}, {"type": "freebsd", "idList": ["C93E4D41-75C5-11DC-B903-0016179B2DD5"]}, {"type": "gentoo", "idList": ["GLSA-200705-23", "GLSA-200706-08", "GLSA-200709-15"]}, {"type": "ibm", "idList": ["97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85"]}, {"type": "jvn", "idList": ["JVN:44724673"]}, {"type": "mozilla", "idList": ["MFSA2008-18"]}, {"type": "nessus", "idList": ["4447.PRM", "4448.PRM", "CENTOS_RHSA-2008-0207.NASL", "FREEBSD_PKG_C93E4D4175C511DCB9030016179B2DD5.NASL", "GENTOO_GLSA-200705-23.NASL", "GENTOO_GLSA-200706-08.NASL", "GENTOO_GLSA-200709-15.NASL", "GENTOO_GLSA-200804-20.NASL", "MACOSX_JAVA_10_5_UPDATE2.NASL", "MACOSX_JAVA_REL6.NASL", "MACOSX_JAVA_REL7.NASL", "MANDRIVA_MDVSA-2008-080.NASL", "MOZILLA_FIREFOX_20013.NASL", "ORACLELINUX_ELSA-2008-0207.NASL", "REDHAT-RHSA-2007-0817.NASL", "REDHAT-RHSA-2007-0818.NASL", "REDHAT-RHSA-2007-0829.NASL", "REDHAT-RHSA-2007-0956.NASL", "REDHAT-RHSA-2007-0963.NASL", "REDHAT-RHSA-2007-1041.NASL", "REDHAT-RHSA-2007-1086.NASL", "REDHAT-RHSA-2008-0100.NASL", "REDHAT-RHSA-2008-0123.NASL", "REDHAT-RHSA-2008-0132.NASL", "REDHAT-RHSA-2008-0133.NASL", "REDHAT-RHSA-2008-0156.NASL", "REDHAT-RHSA-2008-0186.NASL", "REDHAT-RHSA-2008-0207.NASL", "REDHAT-RHSA-2008-0210.NASL", "REDHAT-RHSA-2008-0243.NASL", "REDHAT-RHSA-2008-0244.NASL", "REDHAT-RHSA-2008-0245.NASL", "REDHAT-RHSA-2008-0261.NASL", "REDHAT-RHSA-2008-0267.NASL", "REDHAT-RHSA-2008-0524.NASL", "REDHAT-RHSA-2008-0555.NASL", "SEAMONKEY_119.NASL", "SL_20071128_JDK__JAVA__ON_SL5_X.NASL", "SL_20080114_JDK__JAVA__ON_SL3_X.NASL", "SL_20080714_JAVA__JDK_1_5_0__ON_SL4_X.NASL", "SUN_JAVA_JRE_102881.NASL", "SUN_JAVA_JRE_102881_UNIX.NASL", "SUN_JAVA_JRE_102934.NASL", "SUN_JAVA_JRE_102934_UNIX.NASL", "SUN_JAVA_JRE_103079.NASL", "SUN_JAVA_JRE_103079_UNIX.NASL", "SUN_JAVA_JRE_231246.NASL", "SUN_JAVA_JRE_231246_UNIX.NASL", "SUN_JAVA_JRE_231261.NASL", "SUN_JAVA_JRE_231261_UNIX.NASL", "SUN_JAVA_JRE_233321.NASL", "SUN_JAVA_JRE_233321_UNIX.NASL", "SUN_JAVA_WEBSTART_JNLP_OVERFLOW.NASL", "SUN_JAVA_WEBSTART_JNLP_OVERFLOW_UNIX.NASL", "SUSE9_12142.NASL", "SUSE9_12210.NASL", "SUSE_JAVA-1_4_2-IBM-4542.NASL", "SUSE_JAVA-1_4_2-IBM-5182.NASL", "SUSE_JAVA-1_4_2-IBM-5465.NASL", "SUSE_JAVA-1_4_2-SUN-3843.NASL", "SUSE_JAVA-1_4_2-SUN-3844.NASL", "SUSE_JAVA-1_4_2-SUN-4533.NASL", "SUSE_JAVA-1_4_2-SUN-4536.NASL", "SUSE_JAVA-1_4_2-SUN-5130.NASL", "SUSE_JAVA-1_4_2-SUN-5131.NASL", "SUSE_JAVA-1_5_0-IBM-4544.NASL", "SUSE_JAVA-1_5_0-IBM-4687.NASL", "SUSE_JAVA-1_5_0-IBM-5183.NASL", "SUSE_JAVA-1_5_0-SUN-3832.NASL", "SUSE_JAVA-1_5_0-SUN-4527.NASL", "SUSE_JAVA-1_5_0-SUN-5133.NASL", "SUSE_JAVA-1_6_0-SUN-4525.NASL", "SUSE_JAVA-1_6_0-SUN-5132.NASL", "SUSE_MOZILLA-XULRUNNER-5163.NASL", "SUSE_MOZILLA-XULRUNNER-5164.NASL", "SUSE_MOZILLA-XULRUNNER181-5158.NASL", "SUSE_MOZILLAFIREFOX-5134.NASL", "SUSE_MOZILLAFIREFOX-5135.NASL", "SUSE_SEAMONKEY-5153.NASL", "SUSE_SEAMONKEY-5167.NASL", "UBUNTU_USN-592-1.NASL", "VMWARE_VMSA-2008-00010.NASL", "VMWARE_VMSA-2008-0002.NASL", "VMWARE_VMSA-2008-0010.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:102040", "OPENVAS:1361412562310102040", "OPENVAS:136141256231065053", "OPENVAS:136141256231065091", "OPENVAS:136141256231065120", "OPENVAS:136141256231065153", "OPENVAS:136141256231065295", "OPENVAS:136141256231065313", "OPENVAS:136141256231065368", "OPENVAS:136141256231065389", "OPENVAS:136141256231065400", "OPENVAS:136141256231065844", "OPENVAS:136141256231065980", "OPENVAS:136141256231065988", "OPENVAS:136141256231066000", "OPENVAS:136141256231066005", "OPENVAS:1361412562310830456", "OPENVAS:1361412562310835094", "OPENVAS:1361412562310870143", "OPENVAS:136141256231090013", "OPENVAS:136141256231090014", "OPENVAS:58301", "OPENVAS:58428", "OPENVAS:58623", "OPENVAS:58786", "OPENVAS:60820", "OPENVAS:60872", "OPENVAS:61215", "OPENVAS:65053", "OPENVAS:65091", "OPENVAS:65120", "OPENVAS:65153", "OPENVAS:65295", "OPENVAS:65313", "OPENVAS:65368", "OPENVAS:65389", "OPENVAS:65400", "OPENVAS:65844", "OPENVAS:65980", "OPENVAS:65988", "OPENVAS:66000", "OPENVAS:66005", "OPENVAS:830456", "OPENVAS:835094", "OPENVAS:840285", "OPENVAS:850011", "OPENVAS:850018", "OPENVAS:850026", "OPENVAS:850067", "OPENVAS:850074", "OPENVAS:850117", "OPENVAS:870143", "OPENVAS:90013", "OPENVAS:90014"]}, {"type": "redhat", "idList": ["RHSA-2007:0817", "RHSA-2007:0818", "RHSA-2007:0829", "RHSA-2007:0956", "RHSA-2007:0963", "RHSA-2007:1041", "RHSA-2007:1086", "RHSA-2008:0100", "RHSA-2008:0123", "RHSA-2008:0132", "RHSA-2008:0156", "RHSA-2008:0186", "RHSA-2008:0210", "RHSA-2008:0243", "RHSA-2008:0244", "RHSA-2008:0245", "RHSA-2008:0261", "RHSA-2008:0267", "RHSA-2008:0524", "RHSA-2008:0555", "RHSA-2008:0638"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:17145", "SECURITYVULNS:DOC:19401", "SECURITYVULNS:DOC:19402", "SECURITYVULNS:DOC:19520", "SECURITYVULNS:VULN:7762", "SECURITYVULNS:VULN:8300", "SECURITYVULNS:VULN:8779", "SECURITYVULNS:VULN:8838"]}, {"type": "seebug", "idList": ["SSV:2998"]}, {"type": "suse", "idList": ["SUSE-SA:2007:045", "SUSE-SA:2007:055", "SUSE-SA:2007:056", "SUSE-SA:2008:018", "SUSE-SA:2008:019", "SUSE-SA:2008:025"]}, {"type": "ubuntu", "idList": ["USN-592-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-2435", "UB:CVE-2007-2789", "UB:CVE-2007-3655", "UB:CVE-2007-5232", "UB:CVE-2007-5237", "UB:CVE-2007-5238", "UB:CVE-2007-5239", "UB:CVE-2007-5240", "UB:CVE-2007-5273", "UB:CVE-2007-5274", "UB:CVE-2007-5689", "UB:CVE-2008-0628", "UB:CVE-2008-0657", "UB:CVE-2008-1185", "UB:CVE-2008-1186", "UB:CVE-2008-1187", "UB:CVE-2008-1188", "UB:CVE-2008-1189", "UB:CVE-2008-1190", "UB:CVE-2008-1191", "UB:CVE-2008-1192", "UB:CVE-2008-1193", "UB:CVE-2008-1194", "UB:CVE-2008-1195", "UB:CVE-2008-1196", "UB:CVE-2008-1240", "UB:CVE-2009-3885"]}, {"type": "vmware", "idList": ["VMSA-2008-0010", "VMSA-2008-0010.3"]}, {"type": "zdi", "idList": ["ZDI-08-009", "ZDI-08-010"]}, {"type": "zdt", "idList": ["1337DAY-ID-22120"]}]}, "score": {"value": 1.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "cert", "idList": ["VU:223028"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2007-276"]}, {"type": "cve", "idList": ["CVE-2007-2435", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3655", "CVE-2007-5232", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274", "CVE-2007-5689"]}, {"type": "f5", "idList": ["SOL16475", "SOL8424"]}, {"type": "freebsd", "idList": ["C93E4D41-75C5-11DC-B903-0016179B2DD5"]}, {"type": "gentoo", "idList": ["GLSA-200706-08"]}, {"type": "jvn", "idList": ["JVN:44724673"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-JAVA-CVE-2008-1187/", "MSF:ILITIES/APPLE-JAVA-CVE-2008-1194/", "MSF:ILITIES/GENTOO-LINUX-CVE-2008-1194/", "MSF:ILITIES/SUSE-CVE-2008-1191/"]}, {"type": "mozilla", "idList": ["MFSA2008-18"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-200709-15.NASL", "GENTOO_GLSA-200806-11.NASL", "MACOSX_JAVA_REL6.NASL", "REDHAT-RHSA-2007-1041.NASL", "REDHAT-RHSA-2008-0524.NASL", "SUSE_JAVA-1_6_0-SUN-5132.NASL", "SUSE_MOZILLAFIREFOX-5135.NASL", "VMWARE_VMSA-2008-0002.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310830456"]}, {"type": "redhat", "idList": ["RHSA-2007:0817", "RHSA-2007:0956"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:17145"]}, {"type": "suse", "idList": ["SUSE-SA:2008:025"]}, {"type": "ubuntu", "idList": ["USN-592-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-5237", "UB:CVE-2007-5238", "UB:CVE-2007-5240", "UB:CVE-2007-5273", "UB:CVE-2007-5274", "UB:CVE-2008-1192", "UB:CVE-2008-1194"]}, {"type": "vmware", "idList": ["VMSA-2008-0010.3"]}]}, "exploitation": null, "vulnersScore": 1.1}, "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "arch": "all", "packageFilename": "UNKNOWN", "packageVersion": "1.6.0.05", "operator": "lt", "packageName": "dev-java/sun-jre-bin"}, {"OS": "Gentoo", "OSVersion": "any", "arch": "all", "packageFilename": "UNKNOWN", "packageVersion": "1.6.0.05", "operator": "lt", "packageName": "dev-java/sun-jdk"}, {"OS": "Gentoo", "OSVersion": "any", "arch": "all", "packageFilename": "UNKNOWN", "packageVersion": "1.6.0.05", "operator": "lt", "packageName": "app-emulation/emul-linux-x86-java"}], "_state": {"dependencies": 1659950754, "score": 1659910520}, "_internal": {"score_hash": "8a26525628932e20fe159136306a477d"}}

{"nessus": [{"lastseen": "2021-08-19T13:10:49", "description": "The remote host is affected by the vulnerability described in GLSA-200804-20 (Sun JDK/JRE: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Sun Java:\n Daniel Soeder discovered that a long codebase attribute string in a JNLP file will overflow a stack variable when launched by Java WebStart (CVE-2007-3655).\n Multiple vulnerabilities (CVE-2007-2435, CVE-2007-2788, CVE-2007-2789) that were previously reported as GLSA 200705-23 and GLSA 200706-08 also affect 1.4 and 1.6 SLOTs, which was not mentioned in the initial revision of said GLSAs.\n The Zero Day Initiative, TippingPoint and John Heasman reported multiple buffer overflows and unspecified vulnerabilities in Java Web Start (CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191).\n Hisashi Kojima of Fujitsu and JPCERT/CC reported a security issue when performing XSLT transformations (CVE-2008-1187).\n CERT/CC reported a Stack-based buffer overflow in Java Web Start when using JNLP files (CVE-2008-1196).\n Azul Systems reported an unspecified vulnerability that allows applets to escalate their privileges (CVE-2007-5689).\n Billy Rios, Dan Boneh, Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and David Byrne discovered multiple instances where Java applets or JavaScript programs run within browsers do not pin DNS hostnames to a single IP address, allowing for DNS rebinding attacks (CVE-2007-5232, CVE-2007-5273, CVE-2007-5274).\n Peter Csepely reported that Java Web Start does not properly enforce access restrictions for untrusted applications (CVE-2007-5237, CVE-2007-5238).\n Java Web Start does not properly enforce access restrictions for untrusted Java applications and applets, when handling drag-and-drop operations (CVE-2007-5239).\n Giorgio Maone discovered that warnings for untrusted code can be hidden under applications' windows (CVE-2007-5240).\n Fujitsu reported two security issues where security restrictions of web applets and applications were not properly enforced (CVE-2008-1185, CVE-2008-1186).\n John Heasman of NGSSoftware discovered that the Java Plug-in does not properly enforce the same origin policy (CVE-2008-1192).\n Chris Evans of the Google Security Team discovered multiple unspecified vulnerabilities within the Java Runtime Environment Image Parsing Library (CVE-2008-1193, CVE-2008-1194).\n Gregory Fleischer reported that web content fetched via the 'jar:' protocol was not subject to network access restrictions (CVE-2008-1195).\n Chris Evans and Johannes Henkel of the Google Security Team reported that the XML parsing code retrieves external entities even when that feature is disabled (CVE-2008-0628).\n Multiple unspecified vulnerabilities might allow for escalation of privileges (CVE-2008-0657).\n Impact :\n\n A remote attacker could entice a user to run a specially crafted applet on a website or start an application in Java Web Start to execute arbitrary code outside of the Java sandbox and of the Java security restrictions with the privileges of the user running Java. The attacker could also obtain sensitive information, create, modify, rename and read local files, execute local applications, establish connections in the local network, bypass the same origin policy, and cause a Denial of Service via multiple vectors.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2008-04-22T00:00:00", "type": "nessus", "title": "GLSA-200804-20 : Sun JDK/JRE: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2435", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3655", "CVE-2007-5232", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274", "CVE-2007-5689", "CVE-2008-0628", "CVE-2008-0657", "CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:emul-linux-x86-java", "p-cpe:/a:gentoo:linux:sun-jdk", "p-cpe:/a:gentoo:linux:sun-jre-bin", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200804-20.NASL", "href": "https://www.tenable.com/plugins/nessus/32013", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200804-20.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32013);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-2435\", \"CVE-2007-2788\", \"CVE-2007-2789\", \"CVE-2007-3655\", \"CVE-2007-5232\", \"CVE-2007-5237\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\", \"CVE-2007-5689\", \"CVE-2008-0628\", \"CVE-2008-0657\", \"CVE-2008-1185\", \"CVE-2008-1186\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1193\", \"CVE-2008-1194\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n script_xref(name:\"GLSA\", value:\"200804-20\");\n\n script_name(english:\"GLSA-200804-20 : Sun JDK/JRE: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200804-20\n(Sun JDK/JRE: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Sun Java:\n Daniel Soeder discovered that a long codebase attribute string in a\n JNLP file will overflow a stack variable when launched by Java WebStart\n (CVE-2007-3655).\n Multiple vulnerabilities (CVE-2007-2435, CVE-2007-2788,\n CVE-2007-2789) that were previously reported as GLSA 200705-23 and GLSA\n 200706-08 also affect 1.4 and 1.6 SLOTs, which was not mentioned in the\n initial revision of said GLSAs.\n The Zero Day Initiative, TippingPoint and John Heasman reported\n multiple buffer overflows and unspecified vulnerabilities in Java Web\n Start (CVE-2008-1188, CVE-2008-1189, CVE-2008-1190,\n CVE-2008-1191).\n Hisashi Kojima of Fujitsu and JPCERT/CC reported a security issue\n when performing XSLT transformations (CVE-2008-1187).\n CERT/CC reported a Stack-based buffer overflow in Java Web Start\n when using JNLP files (CVE-2008-1196).\n Azul Systems reported an unspecified vulnerability that allows\n applets to escalate their privileges (CVE-2007-5689).\n Billy Rios, Dan Boneh, Collin Jackson, Adam Barth, Andrew Bortz,\n Weidong Shao, and David Byrne discovered multiple instances where Java\n applets or JavaScript programs run within browsers do not pin DNS\n hostnames to a single IP address, allowing for DNS rebinding attacks\n (CVE-2007-5232, CVE-2007-5273, CVE-2007-5274).\n Peter Csepely reported that Java Web Start does not properly\n enforce access restrictions for untrusted applications (CVE-2007-5237,\n CVE-2007-5238).\n Java Web Start does not properly enforce access restrictions for\n untrusted Java applications and applets, when handling drag-and-drop\n operations (CVE-2007-5239).\n Giorgio Maone discovered that warnings for untrusted code can be\n hidden under applications' windows (CVE-2007-5240).\n Fujitsu reported two security issues where security restrictions of\n web applets and applications were not properly enforced (CVE-2008-1185,\n CVE-2008-1186).\n John Heasman of NGSSoftware discovered that the Java Plug-in does\n not properly enforce the same origin policy (CVE-2008-1192).\n Chris Evans of the Google Security Team discovered multiple\n unspecified vulnerabilities within the Java Runtime Environment Image\n Parsing Library (CVE-2008-1193, CVE-2008-1194).\n Gregory Fleischer reported that web content fetched via the 'jar:'\n protocol was not subject to network access restrictions\n (CVE-2008-1195).\n Chris Evans and Johannes Henkel of the Google Security Team\n reported that the XML parsing code retrieves external entities even\n when that feature is disabled (CVE-2008-0628).\n Multiple unspecified vulnerabilities might allow for escalation of\n privileges (CVE-2008-0657).\n \nImpact :\n\n A remote attacker could entice a user to run a specially crafted applet\n on a website or start an application in Java Web Start to execute\n arbitrary code outside of the Java sandbox and of the Java security\n restrictions with the privileges of the user running Java. The attacker\n could also obtain sensitive information, create, modify, rename and\n read local files, execute local applications, establish connections in\n the local network, bypass the same origin policy, and cause a Denial of\n Service via multiple vectors.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200705-23\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200706-08\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200804-20\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Sun JRE 1.6 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/sun-jre-bin-1.6.0.05'\n All Sun JRE 1.5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/sun-jre-bin-1.5.0.15'\n All Sun JRE 1.4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/sun-jre-bin-1.4.2.17'\n All Sun JDK 1.6 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/sun-jdk-1.6.0.05'\n All Sun JDK 1.5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/sun-jdk-1.5.0.15'\n All Sun JDK 1.4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/sun-jdk-1.4.2.17'\n All emul-linux-x86-java 1.6 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/emul-linux-x86-java-1.6.0.05'\n All emul-linux-x86-java 1.5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/emul-linux-x86-java-1.5.0.15'\n All emul-linux-x86-java 1.4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/emul-linux-x86-java-1.4.2.17'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:emul-linux-x86-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sun-jdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sun-jre-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-java/sun-jre-bin\", unaffected:make_list(\"ge 1.6.0.05\", \"rge 1.5.0.21\", \"rge 1.5.0.20\", \"rge 1.5.0.19\", \"rge 1.5.0.18\", \"rge 1.5.0.17\", \"rge 1.5.0.16\", \"rge 1.5.0.15\", \"rge 1.4.2.17\", \"rge 1.5.0.22\"), vulnerable:make_list(\"lt 1.6.0.05\"))) flag++;\nif (qpkg_check(package:\"app-emulation/emul-linux-x86-java\", unaffected:make_list(\"ge 1.6.0.05\", \"rge 1.5.0.21\", \"rge 1.5.0.20\", \"rge 1.5.0.19\", \"rge 1.5.0.18\", \"rge 1.5.0.17\", \"rge 1.5.0.16\", \"rge 1.5.0.15\", \"rge 1.4.2.17\", \"rge 1.5.0.22\"), vulnerable:make_list(\"lt 1.6.0.05\"))) flag++;\nif (qpkg_check(package:\"dev-java/sun-jdk\", unaffected:make_list(\"ge 1.6.0.05\", \"rge 1.5.0.21\", \"rge 1.5.0.20\", \"rge 1.5.0.19\", \"rge 1.5.0.18\", \"rge 1.5.0.17\", \"rge 1.5.0.16\", \"rge 1.5.0.15\", \"rge 1.4.2.17\", \"rge 1.5.0.22\"), vulnerable:make_list(\"lt 1.6.0.05\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Sun JDK/JRE\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:02", "description": "Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nThe Java Runtime Environment (JRE) contains the software and tools that users need to run applets and applications written using the Java programming language.\n\nFlaws in the JRE allowed an untrusted application or applet to elevate its privileges. This could be exploited by a remote attacker to access local files or execute local applications accessible to the user running the JRE (CVE-2008-1185, CVE-2008-1186)\n\nA flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nSeveral buffer overflow flaws were found in Java Web Start (JWS). An untrusted JNLP application could access local files or execute local applications accessible to the user running the JRE. (CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)\n\nA flaw was found in the Java Plug-in. A remote attacker could bypass the same origin policy, executing arbitrary code with the permissions of the user running the JRE. (CVE-2008-1192)\n\nA flaw was found in the JRE image parsing libraries. An untrusted application or applet could cause a denial of service, or possible execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted application or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe JRE allowed untrusted JavaScript code to create local network connections by the use of Java APIs. A remote attacker could use these flaws to access local network services. (CVE-2008-1195)\n\nThis update also fixes an issue where the Java Plug-in is not available for browser use after successful installation.\n\nUsers of java-1.5.0-sun should upgrade to these updated packages, which correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : java-1.5.0-sun (RHSA-2008:0186)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-plugin", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-src", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0186.NASL", "href": "https://www.tenable.com/plugins/nessus/40717", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0186. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40717);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1185\", \"CVE-2008-1186\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1193\", \"CVE-2008-1194\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n script_bugtraq_id(28083, 28125);\n script_xref(name:\"RHSA\", value:\"2008:0186\");\n\n script_name(english:\"RHEL 4 / 5 : java-1.5.0-sun (RHSA-2008:0186)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.5.0-sun packages that correct several security issues\nare now available for Red Hat Enterprise Linux 4 Extras and 5\nSupplementary.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe Java Runtime Environment (JRE) contains the software and tools\nthat users need to run applets and applications written using the Java\nprogramming language.\n\nFlaws in the JRE allowed an untrusted application or applet to elevate\nits privileges. This could be exploited by a remote attacker to access\nlocal files or execute local applications accessible to the user\nrunning the JRE (CVE-2008-1185, CVE-2008-1186)\n\nA flaw was found in the Java XSLT processing classes. An untrusted\napplication or applet could cause a denial of service, or execute\narbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nSeveral buffer overflow flaws were found in Java Web Start (JWS). An\nuntrusted JNLP application could access local files or execute local\napplications accessible to the user running the JRE. (CVE-2008-1188,\nCVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)\n\nA flaw was found in the Java Plug-in. A remote attacker could bypass\nthe same origin policy, executing arbitrary code with the permissions\nof the user running the JRE. (CVE-2008-1192)\n\nA flaw was found in the JRE image parsing libraries. An untrusted\napplication or applet could cause a denial of service, or possible\nexecute arbitrary code with the permissions of the user running the\nJRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted\napplication or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe JRE allowed untrusted JavaScript code to create local network\nconnections by the use of Java APIs. A remote attacker could use these\nflaws to access local network services. (CVE-2008-1195)\n\nThis update also fixes an issue where the Java Plug-in is not\navailable for browser use after successful installation.\n\nUsers of java-1.5.0-sun should upgrade to these updated packages,\nwhich correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1188\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1196\"\n );\n # http://sunsolve.sun.com/search/document.do?assetkey=1-66-233321-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ecc5fe32\"\n );\n # http://sunsolve.sun.com/search/document.do?assetkey=1-66-233322-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7d0f90a5\"\n );\n # http://sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1259b9b1\"\n );\n # http://sunsolve.sun.com/search/document.do?assetkey=1-66-233324-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0d8d3953\"\n );\n # http://sunsolve.sun.com/search/document.do?assetkey=1-66-233325-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e329ebd\"\n );\n # http://sunsolve.sun.com/search/document.do?assetkey=1-66-233326-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4755491e\"\n );\n # http://sunsolve.sun.com/search/document.do?assetkey=1-66-233327-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f802ba78\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0186\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0186\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-1.5.0.15-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-1.5.0.15-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-demo-1.5.0.15-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-demo-1.5.0.15-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-devel-1.5.0.15-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-devel-1.5.0.15-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-jdbc-1.5.0.15-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-jdbc-1.5.0.15-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-plugin-1.5.0.15-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-src-1.5.0.15-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-src-1.5.0.15-1jpp.2.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-1.5.0.15-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-1.5.0.15-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-demo-1.5.0.15-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-demo-1.5.0.15-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-devel-1.5.0.15-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-devel-1.5.0.15-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-jdbc-1.5.0.15-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-jdbc-1.5.0.15-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-plugin-1.5.0.15-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-src-1.5.0.15-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-src-1.5.0.15-1jpp.2.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.5.0-sun / java-1.5.0-sun-demo / java-1.5.0-sun-devel / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:10:40", "description": "IBM Java 5 was updated to SR7 to fix various security issues :\n\n - A buffer overflow vulnerability in Java Web Start may allow an untrusted Java Web Start application that is downloaded from a website to elevate its privileges. For example, an untrusted Java Web Start application may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted application. (CVE-2008-1196)\n\n - A vulnerability in the Java Runtime Environment may allow JavaScript(TM) code that is downloaded by a browser to make connections to network services on the system that the browser runs on, through Java APIs, This may allow files (that are accessible through these network services) or vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited. (CVE-2008-1195)\n\n - Two buffer overflow vulnerabilities may allow an untrusted applet or application to cause the Java Runtime Environment to crash. (CVE-2008-1194)\n\n - A buffer overflow vulnerability in the Java Runtime Environment image parsing code may allow an untrusted applet or application to create a denial-of-service condition, by causing the Java Runtime Environment to crash. (CVE-2008-1194)\n\n - A buffer overflow vulnerability in the Java Runtime Environment image parsing code allow an untrusted applet or application to elevate its privileges. For example, an application may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted application. (CVE-2008-1193)\n\n - A vulnerability in the Java Plug-in may an untrusted applet to bypass same origin policy and leverage this flaw to execute local applications that are accessible to the user running the untrusted applet.\n (CVE-2008-1192)\n\n - A vulnerability in Java Web Start may allow an untrusted Java Web Start application to elevate its privileges.\n For example, an application may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted application. (CVE-2008-1190)\n\n - A buffer overflow vulnerability in the Java Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2008-1189)\n\n - Two buffer overflow vulnerabilities in Java Web Start may independently allow an untrusted Java Web Start application to elevate its privileges. For example, an untrusted Java Web Start application may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted application. (CVE-2008-1188)\n\n - A vulnerability in the Java Runtime Environment with parsing XML data may allow an untrusted applet or application to elevate its privileges. For example, an applet may read certain URL resources (such as some files and web pages). (CVE-2008-1187)\n\n - A vulnerability in the Java Runtime Environment may allow an untrusted application or applet that is downloaded from a website to elevate its privileges. For example, the application or applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted application or applet.\n (CVE-2008-0657)\n\n - A vulnerability in the Java Runtime Environment (JRE) with applet caching may allow an untrusted applet that is downloaded from a malicious website to make network connections to network services on machines other than the one that the applet was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited. (CVE-2007-5232)\n\n - A vulnerability in the Java Runtime Environment (JRE) may allow malicious JavaScript code that is downloaded by a browser from a malicious website to make network connections, through Java APIs, to network services on machines other than the one that the JavaScript code was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited. (CVE-2007-5274)\n\n - A second vulnerability in the JRE may allow an untrusted applet that is downloaded from a malicious website through a web proxy to make network connections to network services on machines other than the one that the applet was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited.\n (CVE-2007-5273)\n\n - An untrusted Java Web Start application may write arbitrary files with the privileges of the user running the application. (CVE-2007-5236)\n\n - Three separate vulnerabilities may allow an untrusted Java Web Start application to determine the location of the Java Web Start cache. (CVE-2007-5238)\n\n - An untrusted Java Web Start application or Java applet may move or copy arbitrary files by requesting the user of the application or applet to drag and drop a file from the Java Web Start application or Java applet window. (CVE-2007-5239)\n\n - An untrusted applet may display an over-sized window so that the applet warning banner is not visible to the user running the untrusted applet. (CVE-2007-5240)\n\n - A vulnerability in the font parsing code in the Java Runtime Environment may allow an untrusted applet to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2007-4381)", "cvss3": {"score": null, "vector": null}, "published": "2008-04-25T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 5183)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4381", "CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274", "CVE-2008-0657", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_JAVA-1_5_0-IBM-5183.NASL", "href": "https://www.tenable.com/plugins/nessus/32050", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32050);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4381\", \"CVE-2007-5232\", \"CVE-2007-5236\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\", \"CVE-2008-0657\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1192\", \"CVE-2008-1193\", \"CVE-2008-1194\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n\n script_name(english:\"SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 5183)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"IBM Java 5 was updated to SR7 to fix various security issues :\n\n - A buffer overflow vulnerability in Java Web Start may\n allow an untrusted Java Web Start application that is\n downloaded from a website to elevate its privileges. For\n example, an untrusted Java Web Start application may\n grant itself permissions to read and write local files\n or execute local applications that are accessible to the\n user running the untrusted application. (CVE-2008-1196)\n\n - A vulnerability in the Java Runtime Environment may\n allow JavaScript(TM) code that is downloaded by a\n browser to make connections to network services on the\n system that the browser runs on, through Java APIs, This\n may allow files (that are accessible through these\n network services) or vulnerabilities (that exist on\n these network services) which are not otherwise normally\n accessible to be accessed or exploited. (CVE-2008-1195)\n\n - Two buffer overflow vulnerabilities may allow an\n untrusted applet or application to cause the Java\n Runtime Environment to crash. (CVE-2008-1194)\n\n - A buffer overflow vulnerability in the Java Runtime\n Environment image parsing code may allow an untrusted\n applet or application to create a denial-of-service\n condition, by causing the Java Runtime Environment to\n crash. (CVE-2008-1194)\n\n - A buffer overflow vulnerability in the Java Runtime\n Environment image parsing code allow an untrusted applet\n or application to elevate its privileges. For example,\n an application may grant itself permissions to read and\n write local files or execute local applications that are\n accessible to the user running the untrusted\n application. (CVE-2008-1193)\n\n - A vulnerability in the Java Plug-in may an untrusted\n applet to bypass same origin policy and leverage this\n flaw to execute local applications that are accessible\n to the user running the untrusted applet.\n (CVE-2008-1192)\n\n - A vulnerability in Java Web Start may allow an untrusted\n Java Web Start application to elevate its privileges.\n For example, an application may grant itself permissions\n to read and write local files or execute local\n applications that are accessible to the user running the\n untrusted application. (CVE-2008-1190)\n\n - A buffer overflow vulnerability in the Java Runtime\n Environment may allow an untrusted applet or application\n to elevate its privileges. For example, an applet may\n grant itself permissions to read and write local files\n or execute local applications that are accessible to the\n user running the untrusted applet. (CVE-2008-1189)\n\n - Two buffer overflow vulnerabilities in Java Web Start\n may independently allow an untrusted Java Web Start\n application to elevate its privileges. For example, an\n untrusted Java Web Start application may grant itself\n permissions to read and write local files or execute\n local applications that are accessible to the user\n running the untrusted application. (CVE-2008-1188)\n\n - A vulnerability in the Java Runtime Environment with\n parsing XML data may allow an untrusted applet or\n application to elevate its privileges. For example, an\n applet may read certain URL resources (such as some\n files and web pages). (CVE-2008-1187)\n\n - A vulnerability in the Java Runtime Environment may\n allow an untrusted application or applet that is\n downloaded from a website to elevate its privileges. For\n example, the application or applet may grant itself\n permissions to read and write local files or execute\n local applications that are accessible to the user\n running the untrusted application or applet.\n (CVE-2008-0657)\n\n - A vulnerability in the Java Runtime Environment (JRE)\n with applet caching may allow an untrusted applet that\n is downloaded from a malicious website to make network\n connections to network services on machines other than\n the one that the applet was downloaded from. This may\n allow network resources (such as web pages) and\n vulnerabilities (that exist on these network services)\n which are not otherwise normally accessible to be\n accessed or exploited. (CVE-2007-5232)\n\n - A vulnerability in the Java Runtime Environment (JRE)\n may allow malicious JavaScript code that is downloaded\n by a browser from a malicious website to make network\n connections, through Java APIs, to network services on\n machines other than the one that the JavaScript code was\n downloaded from. This may allow network resources (such\n as web pages) and vulnerabilities (that exist on these\n network services) which are not otherwise normally\n accessible to be accessed or exploited. (CVE-2007-5274)\n\n - A second vulnerability in the JRE may allow an untrusted\n applet that is downloaded from a malicious website\n through a web proxy to make network connections to\n network services on machines other than the one that the\n applet was downloaded from. This may allow network\n resources (such as web pages) and vulnerabilities (that\n exist on these network services) which are not otherwise\n normally accessible to be accessed or exploited.\n (CVE-2007-5273)\n\n - An untrusted Java Web Start application may write\n arbitrary files with the privileges of the user running\n the application. (CVE-2007-5236)\n\n - Three separate vulnerabilities may allow an untrusted\n Java Web Start application to determine the location of\n the Java Web Start cache. (CVE-2007-5238)\n\n - An untrusted Java Web Start application or Java applet\n may move or copy arbitrary files by requesting the user\n of the application or applet to drag and drop a file\n from the Java Web Start application or Java applet\n window. (CVE-2007-5239)\n\n - An untrusted applet may display an over-sized window so\n that the applet warning banner is not visible to the\n user running the untrusted applet. (CVE-2007-5240)\n\n - A vulnerability in the font parsing code in the Java\n Runtime Environment may allow an untrusted applet to\n elevate its privileges. For example, an applet may grant\n itself permissions to read and write local files or\n execute local applications that are accessible to the\n user running the untrusted applet. (CVE-2007-4381)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4381.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5232.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5236.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5238.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5239.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5240.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5273.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5274.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0657.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1187.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1188.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1189.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1190.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1193.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1194.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1195.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1196.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5183.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-demo-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-devel-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-src-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-alsa-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-jdbc-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-plugin-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-32bit-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-alsa-32bit-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-devel-32bit-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_5_0-ibm-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_5_0-ibm-devel-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_5_0-ibm-fonts-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-alsa-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-jdbc-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-plugin-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-32bit-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-alsa-32bit-1.5.0_sr7-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-devel-32bit-1.5.0_sr7-0.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:22", "description": "Updated ESX patches and VirtualCenter update 2 fix the following application vulnerabilities.\n\na. Tomcat Server Security Update\n\nThis release of ESX updates the Tomcat Server package to version 5.5.26, which addresses multiple security issues that existed in earlier releases of Tomcat Server.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286 to the security issues fixed in Tomcat 5.5.26.\n\nb. JRE Security Update\n\nThis release of ESX and VirtualCenter updates the JRE package to version 1.5.0_15, which addresses multiple security issues that existed in earlier releases of JRE.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-1185, CVE-2008-1186, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195, CVE-2008-1196, CVE-2008-0657, CVE-2007-5689, CVE-2007-5232, CVE-2007-5236, CVE-2007-5237, CVE-2007-5238, CVE-2007-5239, CVE-2007-5240, CVE-2007-5274 to the security issues fixed in JRE 1.5.0_12, JRE 1.5.0_13, JRE 1.5.0_14, JRE 1.5.0_15.\n\nNotes: These vulnerabilities can be exploited remotely only if the attacker has access to the service console network.\nSecurity best practices provided by VMware recommend that the service console be isolated from the VM network. Please see http://www.vmware.com/resources/techresources/726 for more information on VMware security best practices.", "cvss3": {"score": null, "vector": null}, "published": "2009-07-27T00:00:00", "type": "nessus", "title": "VMSA-2008-00010 : Updated Tomcat and Java JRE packages for VMware, ESX 3.5 and VirtualCenter 2.5 (DEPRECATED)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5274", "CVE-2007-5333", "CVE-2007-5342", "CVE-2007-5461", "CVE-2007-5689", "CVE-2007-6286", "CVE-2008-0657", "CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2012-04-26T00:00:00", "cpe": ["cpe:/a:emc:vmware"], "id": "VMWARE_VMSA-2008-00010.NASL", "href": "https://www.tenable.com/plugins/nessus/40371", "sourceData": "#%NASL_MIN_LEVEL 999999\n\n# @DEPRECATED@\n#\n# This script has been deprecated by vmware_VMSA-2008-0010.nasl.\n#\n# Disabled on 2011/09/19.\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text of this plugin is (C) VMware Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\nif (!defined_func(\"bn_random\")) exit(0);\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(40371);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/08/15 16:35:43\");\n\n script_cve_id(\"CVE-2007-5232\", \"CVE-2007-5236\", \"CVE-2007-5237\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5274\", \"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-5689\", \"CVE-2007-6286\", \"CVE-2008-0657\", \"CVE-2008-1185\", \"CVE-2008-1186\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1193\", \"CVE-2008-1194\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n\n script_name(english:\"VMSA-2008-00010 : Updated Tomcat and Java JRE packages for VMware, ESX 3.5 and VirtualCenter 2.5 (DEPRECATED)\");\n script_summary(english:\"Looks for patch(es) in esxupdate output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value: \n\"The remote VMware host is missing one or more security-related \npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ESX patches and VirtualCenter update 2 fix the following\napplication vulnerabilities.\n\na. Tomcat Server Security Update\n\nThis release of ESX updates the Tomcat Server package to version\n5.5.26, which addresses multiple security issues that existed\nin earlier releases of Tomcat Server.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the names CVE-2007-5333, CVE-2007-5342, CVE-2007-5461,\nCVE-2007-6286 to the security issues fixed in Tomcat 5.5.26.\n\nb. JRE Security Update\n\nThis release of ESX and VirtualCenter updates the JRE package\nto version 1.5.0_15, which addresses multiple security issues\nthat existed in earlier releases of JRE.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the names CVE-2008-1185, CVE-2008-1186, CVE-2008-1187,\nCVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191,\nCVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195,\nCVE-2008-1196, CVE-2008-0657, CVE-2007-5689, CVE-2007-5232,\nCVE-2007-5236, CVE-2007-5237, CVE-2007-5238, CVE-2007-5239,\nCVE-2007-5240, CVE-2007-5274 to the security issues fixed in\nJRE 1.5.0_12, JRE 1.5.0_13, JRE 1.5.0_14, JRE 1.5.0_15.\n\nNotes: These vulnerabilities can be exploited remotely only if the\nattacker has access to the service console network.\nSecurity best practices provided by VMware recommend that the\nservice console be isolated from the VM network. Please see\nhttp://www.vmware.com/resources/techresources/726 for more\ninformation on VMware security best practices.\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.vmware.com/security/advisories/VMSA-2008-0010.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.vmware.com/pipermail/security-announce/2008/000031.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patch(es).\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:emc:vmware\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/version\");\n\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"This plugin has been deprecated. Refer to plugin #40379 (vmware_VMSA-2008-0010.nasl) instead.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:56:05", "description": "Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nIBM's 1.6.0 Java release includes the IBM Java 2 Runtime Environment, and the IBM Java 2 Software Development Kit.\n\nA flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nSeveral buffer overflow flaws were found in Java Web Start (JWS). An untrusted JNLP application could access local files, or execute local applications accessible to the user running the JRE. (CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)\n\nA flaw was found in the Java plug-in. A remote attacker could bypass the same origin policy, executing arbitrary code with the permissions of the user running the JRE. (CVE-2008-1192)\n\nA flaw was found in the JRE image parsing libraries. An untrusted application or applet could cause a denial of service, or possibly execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted application or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe JRE allowed untrusted JavaScript code to create local network connections by the use of Java APIs. A remote attacker could use these flaws to access local network services. (CVE-2008-1195)\n\nAll users of java-1.6.0-ibm are advised to upgrade to these updated packages, that contain IBM's 1.6.0 SR1 Java release, which resolves these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 : java-1.6.0-ibm (RHSA-2008:0267)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-accessibility", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-javacomm", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-plugin", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-src", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0267.NASL", "href": "https://www.tenable.com/plugins/nessus/63854", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0267. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63854);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1193\", \"CVE-2008-1194\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n script_bugtraq_id(28083);\n script_xref(name:\"RHSA\", value:\"2008:0267\");\n\n script_name(english:\"RHEL 5 : java-1.6.0-ibm (RHSA-2008:0267)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.6.0-ibm packages that fix several security issues are\nnow available for Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nIBM's 1.6.0 Java release includes the IBM Java 2 Runtime Environment,\nand the IBM Java 2 Software Development Kit.\n\nA flaw was found in the Java XSLT processing classes. An untrusted\napplication or applet could cause a denial of service, or execute\narbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nSeveral buffer overflow flaws were found in Java Web Start (JWS). An\nuntrusted JNLP application could access local files, or execute local\napplications accessible to the user running the JRE. (CVE-2008-1188,\nCVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)\n\nA flaw was found in the Java plug-in. A remote attacker could bypass\nthe same origin policy, executing arbitrary code with the permissions\nof the user running the JRE. (CVE-2008-1192)\n\nA flaw was found in the JRE image parsing libraries. An untrusted\napplication or applet could cause a denial of service, or possibly\nexecute arbitrary code with the permissions of the user running the\nJRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted\napplication or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe JRE allowed untrusted JavaScript code to create local network\nconnections by the use of Java APIs. A remote attacker could use these\nflaws to access local network services. (CVE-2008-1195)\n\nAll users of java-1.6.0-ibm are advised to upgrade to these updated\npackages, that contain IBM's 1.6.0 SR1 Java release, which resolves\nthese issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1188\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1196\"\n );\n # http://www-128.ibm.com/developerworks/java/jdk/alerts/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.ibm.com/us-en/?ar=1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0267\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-javacomm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0267\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.6.0-ibm-1.6.0.1-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-ibm-accessibility-1.6.0.1-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"java-1.6.0-ibm-accessibility-1.6.0.1-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-ibm-accessibility-1.6.0.1-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.6.0-ibm-demo-1.6.0.1-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.6.0-ibm-devel-1.6.0.1-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-ibm-javacomm-1.6.0.1-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-ibm-javacomm-1.6.0.1-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.6.0-ibm-jdbc-1.6.0.1-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-ibm-plugin-1.6.0.1-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.6.0-ibm-src-1.6.0.1-1jpp.2.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-ibm / java-1.6.0-ibm-accessibility / java-1.6.0-ibm-demo / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:02", "description": "Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nIBM's 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.\n\nTwo vulnerabilities in the Java Runtime Environment allowed an untrusted application or applet to elevate the assigned privileges.\nThis could be misused by a malicious website to read and write local files or execute local applications in the context of the user running the Java process. (CVE-2008-0657)\n\nA flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nSeveral buffer overflow flaws were found in Java Web Start (JWS). An untrusted JNLP application could access local files or execute local applications accessible to the user running the JRE. (CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1196)\n\nA flaw was found in the Java Plug-in. A remote attacker could bypass the same origin policy, executing arbitrary code with the permissions of the user running the JRE. (CVE-2008-1192)\n\nA flaw was found in the JRE image parsing libraries. An untrusted application or applet could cause a denial of service, or possible execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted application or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe JRE allowed untrusted JavaScript code to create local network connections by the use of Java APIs. A remote attacker could use these flaws to access local network services. (CVE-2008-1195)\n\nAll users of java-ibm-1.5.0 are advised to upgrade to these updated packages, that contain IBM's 1.5.0 SR7 Java release which resolves these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2008:0210)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0657", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-accessibility", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-javacomm", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-plugin", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-src", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0210.NASL", "href": "https://www.tenable.com/plugins/nessus/40718", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0210. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40718);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0657\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1192\", \"CVE-2008-1193\", \"CVE-2008-1194\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n script_bugtraq_id(27650, 28083, 28125);\n script_xref(name:\"RHSA\", value:\"2008:0210\");\n\n script_name(english:\"RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2008:0210)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.5.0-ibm packages that fix several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5\nSupplementary.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nIBM's 1.5.0 Java release includes the IBM Java 2 Runtime Environment\nand the IBM Java 2 Software Development Kit.\n\nTwo vulnerabilities in the Java Runtime Environment allowed an\nuntrusted application or applet to elevate the assigned privileges.\nThis could be misused by a malicious website to read and write local\nfiles or execute local applications in the context of the user running\nthe Java process. (CVE-2008-0657)\n\nA flaw was found in the Java XSLT processing classes. An untrusted\napplication or applet could cause a denial of service, or execute\narbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nSeveral buffer overflow flaws were found in Java Web Start (JWS). An\nuntrusted JNLP application could access local files or execute local\napplications accessible to the user running the JRE. (CVE-2008-1188,\nCVE-2008-1189, CVE-2008-1190, CVE-2008-1196)\n\nA flaw was found in the Java Plug-in. A remote attacker could bypass\nthe same origin policy, executing arbitrary code with the permissions\nof the user running the JRE. (CVE-2008-1192)\n\nA flaw was found in the JRE image parsing libraries. An untrusted\napplication or applet could cause a denial of service, or possible\nexecute arbitrary code with the permissions of the user running the\nJRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted\napplication or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe JRE allowed untrusted JavaScript code to create local network\nconnections by the use of Java APIs. A remote attacker could use these\nflaws to access local network services. (CVE-2008-1195)\n\nAll users of java-ibm-1.5.0 are advised to upgrade to these updated\npackages, that contain IBM's 1.5.0 SR7 Java release which resolves\nthese issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1188\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1196\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0210\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-javacomm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0210\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-1.5.0.7-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-demo-1.5.0.7-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-devel-1.5.0.7-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.7-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.7-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.7-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"s390\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.7-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.5.0-ibm-plugin-1.5.0.7-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-src-1.5.0.7-1jpp.2.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-1.5.0.7-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.5.0-ibm-accessibility-1.5.0.7-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"java-1.5.0-ibm-accessibility-1.5.0.7-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-ibm-accessibility-1.5.0.7-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-demo-1.5.0.7-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-devel-1.5.0.7-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.7-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.7-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.7-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.7-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.5.0-ibm-plugin-1.5.0.7-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-src-1.5.0.7-1jpp.2.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.5.0-ibm / java-1.5.0-ibm-accessibility / java-1.5.0-ibm-demo / etc\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:26", "description": "ESX patches and updates for VirtualCenter fix the following application vulnerabilities.\n\n a. Tomcat Server Security Update\n\nThe ESX patches and the updates for VirtualCenter update the Tomcat Server package to version 5.5.26, which addresses multiple security issues that existed in earlier releases of Tomcat Server.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286 to the security issues fixed in Tomcat 5.5.26.\n\n b. JRE Security Update\n\nThe ESX patches and the updates for VirtualCenter update the JRE package to version 1.5.0_15, which addresses multiple security issues that existed in earlier releases of JRE.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-1185, CVE-2008-1186, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195, CVE-2008-1196, CVE-2008-0657, CVE-2007-5689, CVE-2007-5232, CVE-2007-5236, CVE-2007-5237, CVE-2007-5238, CVE-2007-5239, CVE-2007-5240, CVE-2007-5274 to the security issues fixed in JRE 1.5.0_12, JRE 1.5.0_13, JRE 1.5.0_14, JRE 1.5.0_15.", "cvss3": {"score": null, "vector": null}, "published": "2009-07-27T00:00:00", "type": "nessus", "title": "VMSA-2008-0010 : Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5274", "CVE-2007-5333", "CVE-2007-5342", "CVE-2007-5461", "CVE-2007-5689", "CVE-2007-6286", "CVE-2008-0657", "CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196", "CVE-2008-4294"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx:3.0.1", "cpe:/o:vmware:esx:3.0.2", "cpe:/o:vmware:esx:3.0.3", "cpe:/o:vmware:esx:3.5"], "id": "VMWARE_VMSA-2008-0010.NASL", "href": "https://www.tenable.com/plugins/nessus/40379", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2008-0010. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40379);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-5232\", \"CVE-2007-5236\", \"CVE-2007-5237\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5274\", \"CVE-2007-5333\", \"CVE-2007-5342\", \"CVE-2007-5461\", \"CVE-2007-5689\", \"CVE-2007-6286\", \"CVE-2008-0657\", \"CVE-2008-1185\", \"CVE-2008-1186\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1193\", \"CVE-2008-1194\", \"CVE-2008-1195\", \"CVE-2008-1196\", \"CVE-2008-4294\");\n script_bugtraq_id(25918, 25920, 26070, 27006, 27650, 27706, 28083, 28125);\n script_xref(name:\"VMSA\", value:\"2008-0010\");\n\n script_name(english:\"VMSA-2008-0010 : Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter\");\n script_summary(english:\"Checks esxupdate output for the patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote VMware ESX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ESX patches and updates for VirtualCenter fix the following\napplication vulnerabilities.\n\n a. Tomcat Server Security Update\n\nThe ESX patches and the updates for VirtualCenter update the\nTomcat Server package to version 5.5.26, which addresses multiple\nsecurity issues that existed in earlier releases of Tomcat Server.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the names CVE-2007-5333, CVE-2007-5342, CVE-2007-5461,\nCVE-2007-6286 to the security issues fixed in Tomcat 5.5.26.\n\n b. JRE Security Update\n\nThe ESX patches and the updates for VirtualCenter update the JRE\npackage to version 1.5.0_15, which addresses multiple security\nissues that existed in earlier releases of JRE.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the names CVE-2008-1185, CVE-2008-1186, CVE-2008-1187,\nCVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191,\nCVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195,\nCVE-2008-1196, CVE-2008-0657, CVE-2007-5689, CVE-2007-5232,\nCVE-2007-5236, CVE-2007-5237, CVE-2007-5238, CVE-2007-5239,\nCVE-2007-5240, CVE-2007-5274 to the security issues fixed in\nJRE 1.5.0_12, JRE 1.5.0_13, JRE 1.5.0_14, JRE 1.5.0_15.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2008/000031.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(22, 119, 200, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.0.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.0.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.0.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/10/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2008-06-16\");\nflag = 0;\n\n\nif (esx_check(ver:\"ESX 3.0.1\", patch:\"ESX-1004823\")) flag++;\n\nif (esx_check(ver:\"ESX 3.0.2\", patch:\"ESX-1006360\")) flag++;\n\nif (\n esx_check(\n ver : \"ESX 3.0.3\",\n patch : \"ESX303-200808407-SG\",\n patch_updates : make_list(\"ESX303-Rollup01\", \"ESX303-Update01\")\n )\n) flag++;\n\nif (\n esx_check(\n ver : \"ESX 3.5.0\",\n patch : \"ESX350-200806404-SG\",\n patch_updates : make_list(\"ESX350-201003403-SG\", \"ESX350-201203401-SG\", \"ESX350-Update02\", \"ESX350-Update03\", \"ESX350-Update04\", \"ESX350-Update05\", \"ESX350-Update05a\")\n )\n) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:00", "description": "Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe Java Runtime Environment (JRE) contains the software and tools that users need to run applets and applications written using the Java programming language.\n\nA flaw in the applet caching mechanism of the Java Runtime Environment (JRE) did not correctly process the creation of network connections. A remote attacker could use this flaw to create connections to services on machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nMultiple vulnerabilities existed in Java Web Start allowing an untrusted application to determine the location of the Java Web Start cache. (CVE-2007-5238)\n\nUntrusted Java Web Start Applications or Java Applets were able to drag and drop a file to a Desktop Application. A user-assisted remote attacker could use this flaw to move or copy arbitrary files.\n(CVE-2007-5239)\n\nThe Java Runtime Environment (JRE) allowed untrusted Java Applets or applications to display oversized Windows. This could be used by remote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a remote attacker to violate the Java security model. A cached, malicious Applet could create network connections to services on other machines. (CVE-2007-5273)\n\nUnsigned Applets loaded with Mozilla Firefox or Opera browsers allowed remote attackers to violate the Java security model. A cached, malicious Applet could create network connections to services on other machines. (CVE-2007-5274)\n\nIn Red Hat Enterprise Linux a Java Web Start application requesting elevated permissions is only started automatically when signed with a trusted code signing certificate and otherwise requires user confirmation to access privileged resources.\n\nAll users of java-sun-1.5.0 should upgrade to these packages, which contain Sun Java 1.5.0 Update 13 that corrects these issues.\n\nPlease note that during our quality testing we discovered that the Java browser plug-in may not function perfectly when visiting some sites that make use of multiple applets on a single HTML page. We have verified that this issue is not due to our packaging and affects Sun Java 1.5.0 Update 13.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : java-1.5.0-sun (RHSA-2007:0963)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274", "CVE-2007-5689"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-plugin", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-src", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2007-0963.NASL", "href": "https://www.tenable.com/plugins/nessus/40709", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0963. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40709);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5232\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\", \"CVE-2007-5689\");\n script_bugtraq_id(25918, 25920);\n script_xref(name:\"RHSA\", value:\"2007:0963\");\n\n script_name(english:\"RHEL 4 / 5 : java-1.5.0-sun (RHSA-2007:0963)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.5.0-sun packages that correct several security issues\nare now available for Red Hat Enterprise Linux 4 Extras and 5\nSupplementary.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Java Runtime Environment (JRE) contains the software and tools\nthat users need to run applets and applications written using the Java\nprogramming language.\n\nA flaw in the applet caching mechanism of the Java Runtime Environment\n(JRE) did not correctly process the creation of network connections. A\nremote attacker could use this flaw to create connections to services\non machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nMultiple vulnerabilities existed in Java Web Start allowing an\nuntrusted application to determine the location of the Java Web Start\ncache. (CVE-2007-5238)\n\nUntrusted Java Web Start Applications or Java Applets were able to\ndrag and drop a file to a Desktop Application. A user-assisted remote\nattacker could use this flaw to move or copy arbitrary files.\n(CVE-2007-5239)\n\nThe Java Runtime Environment (JRE) allowed untrusted Java Applets or\napplications to display oversized Windows. This could be used by\nremote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a\nremote attacker to violate the Java security model. A cached,\nmalicious Applet could create network connections to services on other\nmachines. (CVE-2007-5273)\n\nUnsigned Applets loaded with Mozilla Firefox or Opera browsers allowed\nremote attackers to violate the Java security model. A cached,\nmalicious Applet could create network connections to services on other\nmachines. (CVE-2007-5274)\n\nIn Red Hat Enterprise Linux a Java Web Start application requesting\nelevated permissions is only started automatically when signed with a\ntrusted code signing certificate and otherwise requires user\nconfirmation to access privileged resources.\n\nAll users of java-sun-1.5.0 should upgrade to these packages, which\ncontain Sun Java 1.5.0 Update 13 that corrects these issues.\n\nPlease note that during our quality testing we discovered that the\nJava browser plug-in may not function perfectly when visiting some\nsites that make use of multiple applets on a single HTML page. We have\nverified that this issue is not due to our packaging and affects Sun\nJava 1.5.0 Update 13.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5274\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0963\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/10/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0963\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-1.5.0.13-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-1.5.0.13-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-demo-1.5.0.13-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-demo-1.5.0.13-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-devel-1.5.0.13-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-devel-1.5.0.13-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-jdbc-1.5.0.13-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-jdbc-1.5.0.13-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-plugin-1.5.0.13-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-src-1.5.0.13-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-src-1.5.0.13-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-1.5.0.13-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-1.5.0.13-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-demo-1.5.0.13-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-demo-1.5.0.13-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-devel-1.5.0.13-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-devel-1.5.0.13-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-jdbc-1.5.0.13-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-jdbc-1.5.0.13-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-plugin-1.5.0.13-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-src-1.5.0.13-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-src-1.5.0.13-1jpp.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.5.0-sun / java-1.5.0-sun-demo / java-1.5.0-sun-devel / etc\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:10:55", "description": "Sun Java was updated to 1.4.2u17 to fix following security vulnerabilities :\n\n - CVE-2008-1158: Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers should gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186.\n\n - CVE-2008-1186: Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185.\n\n - CVE-2008-1187: Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.\n\n - CVE-2008-1189: Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188.\n\n - CVE-2008-1190: Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191.\n\n - CVE-2008-1192: Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and 'execute local applications' via unknown vectors.\n\n - CVE-2008-1195: Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.\n\n - CVE-2008-1196: Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.", "cvss3": {"score": null, "vector": null}, "published": "2008-04-04T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-5130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1158", "CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_4_2-sun", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-alsa", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-demo", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-devel", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-jdbc", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-plugin", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-src", "cpe:/o:novell:opensuse:10.1", "cpe:/o:novell:opensuse:10.2"], "id": "SUSE_JAVA-1_4_2-SUN-5130.NASL", "href": "https://www.tenable.com/plugins/nessus/31771", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update java-1_4_2-sun-5130.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31771);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1158\", \"CVE-2008-1185\", \"CVE-2008-1186\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n\n script_name(english:\"openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-5130)\");\n script_summary(english:\"Check for the java-1_4_2-sun-5130 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sun Java was updated to 1.4.2u17 to fix following security\nvulnerabilities :\n\n - CVE-2008-1158: Unspecified vulnerability in the Virtual\n Machine for Sun Java Runtime Environment (JRE) and JDK 6\n Update 4 and earlier, 5.0 Update 14 and earlier, and\n SDK/JRE 1.4.2_16 and earlier allows remote attackers\n should gain privileges via an untrusted application or\n applet, a different issue than CVE-2008-1186.\n\n - CVE-2008-1186: Unspecified vulnerability in the Virtual\n Machine for Sun Java Runtime Environment (JRE) and JDK\n 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and\n earlier, allows remote attackers to gain privileges via\n an untrusted application or applet, a different issue\n than CVE-2008-1185.\n\n - CVE-2008-1187: Unspecified vulnerability in Sun Java\n Runtime Environment (JRE) and JDK 6 Update 4 and\n earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16\n and earlier allows remote attackers to cause a denial of\n service (JRE crash) and possibly execute arbitrary code\n via unknown vectors related to XSLT transforms.\n\n - CVE-2008-1189: Buffer overflow in Java Web Start in Sun\n JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and\n earlier, and SDK/JRE 1.4.2_16 and earlier allows remote\n attackers to execute arbitrary code via unknown vectors,\n a different issue than CVE-2008-1188.\n\n - CVE-2008-1190: Unspecified vulnerability in Java Web\n Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0\n Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier\n allows remote attackers to gain privileges via an\n untrusted application, a different issue than\n CVE-2008-1191.\n\n - CVE-2008-1192: Unspecified vulnerability in the Java\n Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and\n 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and\n earlier, and 1.3.1_21 and earlier; allows remote\n attackers to bypass the same origin policy and 'execute\n local applications' via unknown vectors.\n\n - CVE-2008-1195: Unspecified vulnerability in Sun JDK and\n Java Runtime Environment (JRE) 6 Update 4 and earlier\n and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16\n and earlier; allows remote attackers to access arbitrary\n network services on the local host via unspecified\n vectors related to JavaScript and Java APIs.\n\n - CVE-2008-1196: Stack-based buffer overflow in Java Web\n Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and\n earlier and 5.0 Update 14 and earlier; and SDK and JRE\n 1.4.2_16 and earlier; allows remote attackers to execute\n arbitrary code via a crafted JNLP file.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_4_2-sun packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-1.4.2.17-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-alsa-1.4.2.17-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-demo-1.4.2.17-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-devel-1.4.2.17-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-jdbc-1.4.2.17-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-plugin-1.4.2.17-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-src-1.4.2.17-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-1.4.2_update17-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-alsa-1.4.2_update17-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-demo-1.4.2_update17-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-devel-1.4.2_update17-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-jdbc-1.4.2_update17-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-plugin-1.4.2_update17-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-src-1.4.2_update17-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_4_2-sun\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:10:49", "description": "Sun Java was updated to 1.5.0u15 to fix following security vulnerabilities :\n\n - CVE-2008-1158: Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers should gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186.\n\n - CVE-2008-1186: Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185.\n\n - CVE-2008-1187: Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.\n\n - CVE-2008-1189: Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188.\n\n - CVE-2008-1190: Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191.\n\n - CVE-2008-1192: Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and 'execute local applications' via unknown vectors.\n\n - CVE-2008-1195: Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.\n\n - CVE-2008-1196: Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.", "cvss3": {"score": null, "vector": null}, "published": "2008-04-04T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-5133)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1158", "CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_5_0-sun", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-alsa", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-demo", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-devel", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-jdbc", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-plugin", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-src", "cpe:/o:novell:opensuse:10.1", "cpe:/o:novell:opensuse:10.2", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_JAVA-1_5_0-SUN-5133.NASL", "href": "https://www.tenable.com/plugins/nessus/31773", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update java-1_5_0-sun-5133.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31773);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1158\", \"CVE-2008-1185\", \"CVE-2008-1186\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n\n script_name(english:\"openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-5133)\");\n script_summary(english:\"Check for the java-1_5_0-sun-5133 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sun Java was updated to 1.5.0u15 to fix following security\nvulnerabilities :\n\n - CVE-2008-1158: Unspecified vulnerability in the Virtual\n Machine for Sun Java Runtime Environment (JRE) and JDK 6\n Update 4 and earlier, 5.0 Update 14 and earlier, and\n SDK/JRE 1.4.2_16 and earlier allows remote attackers\n should gain privileges via an untrusted application or\n applet, a different issue than CVE-2008-1186.\n\n - CVE-2008-1186: Unspecified vulnerability in the Virtual\n Machine for Sun Java Runtime Environment (JRE) and JDK\n 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and\n earlier, allows remote attackers to gain privileges via\n an untrusted application or applet, a different issue\n than CVE-2008-1185.\n\n - CVE-2008-1187: Unspecified vulnerability in Sun Java\n Runtime Environment (JRE) and JDK 6 Update 4 and\n earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16\n and earlier allows remote attackers to cause a denial of\n service (JRE crash) and possibly execute arbitrary code\n via unknown vectors related to XSLT transforms.\n\n - CVE-2008-1189: Buffer overflow in Java Web Start in Sun\n JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and\n earlier, and SDK/JRE 1.4.2_16 and earlier allows remote\n attackers to execute arbitrary code via unknown vectors,\n a different issue than CVE-2008-1188.\n\n - CVE-2008-1190: Unspecified vulnerability in Java Web\n Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0\n Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier\n allows remote attackers to gain privileges via an\n untrusted application, a different issue than\n CVE-2008-1191.\n\n - CVE-2008-1192: Unspecified vulnerability in the Java\n Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and\n 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and\n earlier, and 1.3.1_21 and earlier; allows remote\n attackers to bypass the same origin policy and 'execute\n local applications' via unknown vectors.\n\n - CVE-2008-1195: Unspecified vulnerability in Sun JDK and\n Java Runtime Environment (JRE) 6 Update 4 and earlier\n and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16\n and earlier; allows remote attackers to access arbitrary\n network services on the local host via unspecified\n vectors related to JavaScript and Java APIs.\n\n - CVE-2008-1196: Stack-based buffer overflow in Java Web\n Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and\n earlier and 5.0 Update 14 and earlier; and SDK and JRE\n 1.4.2_16 and earlier; allows remote attackers to execute\n arbitrary code via a crafted JNLP file.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_5_0-sun packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-1.5.0_15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-alsa-1.5.0_15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-demo-1.5.0_15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-devel-1.5.0_15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-jdbc-1.5.0_15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-plugin-1.5.0_15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-src-1.5.0_15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-1.5.0_update14-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-alsa-1.5.0_update14-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-demo-1.5.0_update14-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-devel-1.5.0_update14-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-jdbc-1.5.0_update14-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-plugin-1.5.0_update14-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-src-1.5.0_update14-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-1.5.0_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-alsa-1.5.0_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-demo-1.5.0_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-devel-1.5.0_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-jdbc-1.5.0_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-plugin-1.5.0_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-src-1.5.0_update15-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_5_0-sun\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:10:53", "description": "Sun Java was updated to 1.6.0u5 to fix following security vulnerabilities :\n\n - CVE-2008-1158: Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers should gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186.\n\n - CVE-2008-1186: Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185.\n\n - CVE-2008-1187: Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.\n\n - CVE-2008-1189: Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188.\n\n - CVE-2008-1190: Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191.\n\n - CVE-2008-1192: Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and 'execute local applications' via unknown vectors.\n\n - CVE-2008-1195: Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.\n\n - CVE-2008-1196: Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.", "cvss3": {"score": null, "vector": null}, "published": "2008-04-04T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-5132)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1158", "CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_6_0-sun", "p-cpe:/a:novell:opensuse:java-1_6_0-sun-alsa", "p-cpe:/a:novell:opensuse:java-1_6_0-sun-debuginfo", "p-cpe:/a:novell:opensuse:java-1_6_0-sun-demo", "p-cpe:/a:novell:opensuse:java-1_6_0-sun-devel", "p-cpe:/a:novell:opensuse:java-1_6_0-sun-jdbc", "p-cpe:/a:novell:opensuse:java-1_6_0-sun-plugin", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_JAVA-1_6_0-SUN-5132.NASL", "href": "https://www.tenable.com/plugins/nessus/31774", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update java-1_6_0-sun-5132.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31774);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1158\", \"CVE-2008-1185\", \"CVE-2008-1186\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n\n script_name(english:\"openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-5132)\");\n script_summary(english:\"Check for the java-1_6_0-sun-5132 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sun Java was updated to 1.6.0u5 to fix following security\nvulnerabilities :\n\n - CVE-2008-1158: Unspecified vulnerability in the Virtual\n Machine for Sun Java Runtime Environment (JRE) and JDK 6\n Update 4 and earlier, 5.0 Update 14 and earlier, and\n SDK/JRE 1.4.2_16 and earlier allows remote attackers\n should gain privileges via an untrusted application or\n applet, a different issue than CVE-2008-1186.\n\n - CVE-2008-1186: Unspecified vulnerability in the Virtual\n Machine for Sun Java Runtime Environment (JRE) and JDK\n 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and\n earlier, allows remote attackers to gain privileges via\n an untrusted application or applet, a different issue\n than CVE-2008-1185.\n\n - CVE-2008-1187: Unspecified vulnerability in Sun Java\n Runtime Environment (JRE) and JDK 6 Update 4 and\n earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16\n and earlier allows remote attackers to cause a denial of\n service (JRE crash) and possibly execute arbitrary code\n via unknown vectors related to XSLT transforms.\n\n - CVE-2008-1189: Buffer overflow in Java Web Start in Sun\n JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and\n earlier, and SDK/JRE 1.4.2_16 and earlier allows remote\n attackers to execute arbitrary code via unknown vectors,\n a different issue than CVE-2008-1188.\n\n - CVE-2008-1190: Unspecified vulnerability in Java Web\n Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0\n Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier\n allows remote attackers to gain privileges via an\n untrusted application, a different issue than\n CVE-2008-1191.\n\n - CVE-2008-1192: Unspecified vulnerability in the Java\n Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and\n 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and\n earlier, and 1.3.1_21 and earlier; allows remote\n attackers to bypass the same origin policy and 'execute\n local applications' via unknown vectors.\n\n - CVE-2008-1195: Unspecified vulnerability in Sun JDK and\n Java Runtime Environment (JRE) 6 Update 4 and earlier\n and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16\n and earlier; allows remote attackers to access arbitrary\n network services on the local host via unspecified\n vectors related to JavaScript and Java APIs.\n\n - CVE-2008-1196: Stack-based buffer overflow in Java Web\n Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and\n earlier and 5.0 Update 14 and earlier; and SDK and JRE\n 1.4.2_16 and earlier; allows remote attackers to execute\n arbitrary code via a crafted JNLP file.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_6_0-sun packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-1.6.0.u5-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-alsa-1.6.0.u5-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-debuginfo-1.6.0.u5-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-demo-1.6.0.u5-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-devel-1.6.0.u5-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-jdbc-1.6.0.u5-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-plugin-1.6.0.u5-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_6_0-sun\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:10:53", "description": "Sun Java was updated to 1.4.2u17 to fix following security vulnerabilities :\n\n - Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers should gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186. (CVE-2008-1158)\n\n - Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185. (CVE-2008-1186)\n\n - Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.\n (CVE-2008-1187)\n\n - Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188. (CVE-2008-1189)\n\n - Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191.\n (CVE-2008-1190)\n\n - Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and 'execute local applications' via unknown vectors. (CVE-2008-1192)\n\n - Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier;\n allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs. (CVE-2008-1195)\n\n - Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file. (CVE-2008-1196)", "cvss3": {"score": null, "vector": null}, "published": "2008-04-04T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Sun Java (ZYPP Patch Number 5131)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1158", "CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_JAVA-1_4_2-SUN-5131.NASL", "href": "https://www.tenable.com/plugins/nessus/31772", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31772);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1158\", \"CVE-2008-1185\", \"CVE-2008-1186\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n\n script_name(english:\"SuSE 10 Security Update : Sun Java (ZYPP Patch Number 5131)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sun Java was updated to 1.4.2u17 to fix following security\nvulnerabilities :\n\n - Unspecified vulnerability in the Virtual Machine for Sun\n Java Runtime Environment (JRE) and JDK 6 Update 4 and\n earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16\n and earlier allows remote attackers should gain\n privileges via an untrusted application or applet, a\n different issue than CVE-2008-1186. (CVE-2008-1158)\n\n - Unspecified vulnerability in the Virtual Machine for Sun\n Java Runtime Environment (JRE) and JDK 5.0 Update 13 and\n earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote\n attackers to gain privileges via an untrusted\n application or applet, a different issue than\n CVE-2008-1185. (CVE-2008-1186)\n\n - Unspecified vulnerability in Sun Java Runtime\n Environment (JRE) and JDK 6 Update 4 and earlier, 5.0\n Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier\n allows remote attackers to cause a denial of service\n (JRE crash) and possibly execute arbitrary code via\n unknown vectors related to XSLT transforms.\n (CVE-2008-1187)\n\n - Buffer overflow in Java Web Start in Sun JDK and JRE 6\n Update 4 and earlier, 5.0 Update 14 and earlier, and\n SDK/JRE 1.4.2_16 and earlier allows remote attackers to\n execute arbitrary code via unknown vectors, a different\n issue than CVE-2008-1188. (CVE-2008-1189)\n\n - Unspecified vulnerability in Java Web Start in Sun JDK\n and JRE 6 Update 4 and earlier, 5.0 Update 14 and\n earlier, and SDK/JRE 1.4.2_16 and earlier allows remote\n attackers to gain privileges via an untrusted\n application, a different issue than CVE-2008-1191.\n (CVE-2008-1190)\n\n - Unspecified vulnerability in the Java Plug-in for Sun\n JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14\n and earlier; and SDK and JRE 1.4.2_16 and earlier, and\n 1.3.1_21 and earlier; allows remote attackers to bypass\n the same origin policy and 'execute local applications'\n via unknown vectors. (CVE-2008-1192)\n\n - Unspecified vulnerability in Sun JDK and Java Runtime\n Environment (JRE) 6 Update 4 and earlier and 5.0 Update\n 14 and earlier; and SDK and JRE 1.4.2_16 and earlier;\n allows remote attackers to access arbitrary network\n services on the local host via unspecified vectors\n related to JavaScript and Java APIs. (CVE-2008-1195)\n\n - Stack-based buffer overflow in Java Web Start\n (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier\n and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16\n and earlier; allows remote attackers to execute\n arbitrary code via a crafted JNLP file. (CVE-2008-1196)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1158.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1185.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1186.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1187.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1188.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1189.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1190.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1191.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1195.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1196.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5131.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-1.4.2.17-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-alsa-1.4.2.17-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-demo-1.4.2.17-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-devel-1.4.2.17-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-jdbc-1.4.2.17-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-plugin-1.4.2.17-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-src-1.4.2.17-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-1.4.2.17-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-alsa-1.4.2.17-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-devel-1.4.2.17-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-jdbc-1.4.2.17-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-plugin-1.4.2.17-0.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:06:51", "description": "IBM Java 1.4.2 was updated to SR10 to fix various security issues :\n\n - A buffer overflow vulnerability in Java Web Start may allow an untrusted Java Web Start application that is downloaded from a website to elevate its privileges. For example, an untrusted Java Web Start application may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted application. (CVE-2008-1196)\n\n - A vulnerability in the Java Runtime Environment may allow JavaScript(TM) code that is downloaded by a browser to make connections to network services on the system that the browser runs on, through Java APIs, This may allow files (that are accessible through these network services) or vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited. (CVE-2008-1195)\n\n - A vulnerability in the Java Plug-in may an untrusted applet to bypass same origin policy and leverage this flaw to execute local applications that are accessible to the user running the untrusted applet.\n (CVE-2008-1192)\n\n - A vulnerability in Java Web Start may allow an untrusted Java Web Start application to elevate its privileges.\n For example, an application may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted application. (CVE-2008-1190)\n\n - A buffer overflow vulnerability in the Java Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2008-1189)\n\n - A vulnerability in the Java Runtime Environment with parsing XML data may allow an untrusted applet or application to elevate its privileges. For example, an applet may read certain URL resources (such as some files and web pages). (CVE-2008-1187)\n\n - A vulnerability in the Java Runtime Environment (JRE) with applet caching may allow an untrusted applet that is downloaded from a malicious website to make network connections to network services on machines other than the one that the applet was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited. (CVE-2007-5232)\n\n - A vulnerability in the Java Runtime Environment (JRE) may allow malicious JavaScript code that is downloaded by a browser from a malicious website to make network connections, through Java APIs, to network services on machines other than the one that the JavaScript code was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited. (CVE-2007-5274)\n\n - A second vulnerability in the JRE may allow an untrusted applet that is downloaded from a malicious website through a web proxy to make network connections to network services on machines other than the one that the applet was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited.\n (CVE-2007-5273)\n\n - An untrusted Java Web Start application may write arbitrary files with the privileges of the user running the application. (CVE-2007-5236)\n\n - Three separate vulnerabilities may allow an untrusted Java Web Start application to determine the location of the Java Web Start cache. (CVE-2007-5238)\n\n - An untrusted Java Web Start application or Java applet may move or copy arbitrary files by requesting the user of the application or applet to drag and drop a file from the Java Web Start application or Java applet window. (CVE-2007-5239)\n\n - An untrusted applet may display an over-sized window so that the applet warning banner is not visible to the user running the untrusted applet. (CVE-2007-5240)\n\n - A vulnerability in the font parsing code in the Java Runtime Environment may allow an untrusted applet to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2007-4381)\n\n - The Java Secure Socket Extension (JSSE) that is included in various releases of the Java Runtime Environment does not correctly process SSL/TLS handshake requests. This vulnerability may be exploited to create a Denial of Service (DoS) condition to the system as a whole on a server that listens for SSL/TLS connections using JSSE for SSL/TLS support. (CVE-2007-3698)", "cvss3": {"score": null, "vector": null}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : IBM Java 2 JRE and SDK (YOU Patch Number 12142)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3698", "CVE-2007-4381", "CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274", "CVE-2008-1187", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1192", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12142.NASL", "href": "https://www.tenable.com/plugins/nessus/41210", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41210);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3698\", \"CVE-2007-4381\", \"CVE-2007-5232\", \"CVE-2007-5236\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\", \"CVE-2008-1187\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1192\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n\n script_name(english:\"SuSE9 Security Update : IBM Java 2 JRE and SDK (YOU Patch Number 12142)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"IBM Java 1.4.2 was updated to SR10 to fix various security issues :\n\n - A buffer overflow vulnerability in Java Web Start may\n allow an untrusted Java Web Start application that is\n downloaded from a website to elevate its privileges. For\n example, an untrusted Java Web Start application may\n grant itself permissions to read and write local files\n or execute local applications that are accessible to the\n user running the untrusted application. (CVE-2008-1196)\n\n - A vulnerability in the Java Runtime Environment may\n allow JavaScript(TM) code that is downloaded by a\n browser to make connections to network services on the\n system that the browser runs on, through Java APIs, This\n may allow files (that are accessible through these\n network services) or vulnerabilities (that exist on\n these network services) which are not otherwise normally\n accessible to be accessed or exploited. (CVE-2008-1195)\n\n - A vulnerability in the Java Plug-in may an untrusted\n applet to bypass same origin policy and leverage this\n flaw to execute local applications that are accessible\n to the user running the untrusted applet.\n (CVE-2008-1192)\n\n - A vulnerability in Java Web Start may allow an untrusted\n Java Web Start application to elevate its privileges.\n For example, an application may grant itself permissions\n to read and write local files or execute local\n applications that are accessible to the user running the\n untrusted application. (CVE-2008-1190)\n\n - A buffer overflow vulnerability in the Java Runtime\n Environment may allow an untrusted applet or application\n to elevate its privileges. For example, an applet may\n grant itself permissions to read and write local files\n or execute local applications that are accessible to the\n user running the untrusted applet. (CVE-2008-1189)\n\n - A vulnerability in the Java Runtime Environment with\n parsing XML data may allow an untrusted applet or\n application to elevate its privileges. For example, an\n applet may read certain URL resources (such as some\n files and web pages). (CVE-2008-1187)\n\n - A vulnerability in the Java Runtime Environment (JRE)\n with applet caching may allow an untrusted applet that\n is downloaded from a malicious website to make network\n connections to network services on machines other than\n the one that the applet was downloaded from. This may\n allow network resources (such as web pages) and\n vulnerabilities (that exist on these network services)\n which are not otherwise normally accessible to be\n accessed or exploited. (CVE-2007-5232)\n\n - A vulnerability in the Java Runtime Environment (JRE)\n may allow malicious JavaScript code that is downloaded\n by a browser from a malicious website to make network\n connections, through Java APIs, to network services on\n machines other than the one that the JavaScript code was\n downloaded from. This may allow network resources (such\n as web pages) and vulnerabilities (that exist on these\n network services) which are not otherwise normally\n accessible to be accessed or exploited. (CVE-2007-5274)\n\n - A second vulnerability in the JRE may allow an untrusted\n applet that is downloaded from a malicious website\n through a web proxy to make network connections to\n network services on machines other than the one that the\n applet was downloaded from. This may allow network\n resources (such as web pages) and vulnerabilities (that\n exist on these network services) which are not otherwise\n normally accessible to be accessed or exploited.\n (CVE-2007-5273)\n\n - An untrusted Java Web Start application may write\n arbitrary files with the privileges of the user running\n the application. (CVE-2007-5236)\n\n - Three separate vulnerabilities may allow an untrusted\n Java Web Start application to determine the location of\n the Java Web Start cache. (CVE-2007-5238)\n\n - An untrusted Java Web Start application or Java applet\n may move or copy arbitrary files by requesting the user\n of the application or applet to drag and drop a file\n from the Java Web Start application or Java applet\n window. (CVE-2007-5239)\n\n - An untrusted applet may display an over-sized window so\n that the applet warning banner is not visible to the\n user running the untrusted applet. (CVE-2007-5240)\n\n - A vulnerability in the font parsing code in the Java\n Runtime Environment may allow an untrusted applet to\n elevate its privileges. For example, an applet may grant\n itself permissions to read and write local files or\n execute local applications that are accessible to the\n user running the untrusted applet. (CVE-2007-4381)\n\n - The Java Secure Socket Extension (JSSE) that is included\n in various releases of the Java Runtime Environment does\n not correctly process SSL/TLS handshake requests. This\n vulnerability may be exploited to create a Denial of\n Service (DoS) condition to the system as a whole on a\n server that listens for SSL/TLS connections using JSSE\n for SSL/TLS support. (CVE-2007-3698)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3698.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4381.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5232.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5236.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5238.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5239.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5240.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5273.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5274.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1187.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1189.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1190.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1195.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1196.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12142.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"IBMJava2-JRE-1.4.2-0.112\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"IBMJava2-SDK-1.4.2-0.112\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:10:36", "description": "IBM Java 1.4.2 was updated to SR10 to fix various security issues :\n\n - A buffer overflow vulnerability in Java Web Start may allow an untrusted Java Web Start application that is downloaded from a website to elevate its privileges. For example, an untrusted Java Web Start application may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted application. (CVE-2008-1196)\n\n - A vulnerability in the Java Runtime Environment may allow JavaScript(TM) code that is downloaded by a browser to make connections to network services on the system that the browser runs on, through Java APIs, This may allow files (that are accessible through these network services) or vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited. (CVE-2008-1195)\n\n - A vulnerability in the Java Plug-in may an untrusted applet to bypass same origin policy and leverage this flaw to execute local applications that are accessible to the user running the untrusted applet.\n (CVE-2008-1192)\n\n - A vulnerability in Java Web Start may allow an untrusted Java Web Start application to elevate its privileges.\n For example, an application may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted application. (CVE-2008-1190)\n\n - A buffer overflow vulnerability in the Java Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2008-1189)\n\n - A vulnerability in the Java Runtime Environment with parsing XML data may allow an untrusted applet or application to elevate its privileges. For example, an applet may read certain URL resources (such as some files and web pages). (CVE-2008-1187)\n\n - A vulnerability in the Java Runtime Environment (JRE) with applet caching may allow an untrusted applet that is downloaded from a malicious website to make network connections to network services on machines other than the one that the applet was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited. (CVE-2007-5232)\n\n - A vulnerability in the Java Runtime Environment (JRE) may allow malicious JavaScript code that is downloaded by a browser from a malicious website to make network connections, through Java APIs, to network services on machines other than the one that the JavaScript code was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited. (CVE-2007-5274)\n\n - A second vulnerability in the JRE may allow an untrusted applet that is downloaded from a malicious website through a web proxy to make network connections to network services on machines other than the one that the applet was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited.\n (CVE-2007-5273)\n\n - An untrusted Java Web Start application may write arbitrary files with the privileges of the user running the application. (CVE-2007-5236)\n\n - Three separate vulnerabilities may allow an untrusted Java Web Start application to determine the location of the Java Web Start cache. (CVE-2007-5238)\n\n - An untrusted Java Web Start application or Java applet may move or copy arbitrary files by requesting the user of the application or applet to drag and drop a file from the Java Web Start application or Java applet window. (CVE-2007-5239)\n\n - An untrusted applet may display an over-sized window so that the applet warning banner is not visible to the user running the untrusted applet. (CVE-2007-5240)\n\n - A vulnerability in the font parsing code in the Java Runtime Environment may allow an untrusted applet to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2007-4381)\n\n - The Java Secure Socket Extension (JSSE) that is included in various releases of the Java Runtime Environment does not correctly process SSL/TLS handshake requests. This vulnerability may be exploited to create a Denial of Service (DoS) condition to the system as a whole on a server that listens for SSL/TLS connections using JSSE for SSL/TLS support. (CVE-2007-3698)", "cvss3": {"score": null, "vector": null}, "published": "2008-04-25T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 5182)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3698", "CVE-2007-4381", "CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274", "CVE-2008-1187", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1192", "CVE-2008-1195", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_JAVA-1_4_2-IBM-5182.NASL", "href": "https://www.tenable.com/plugins/nessus/32049", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(32049);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3698\", \"CVE-2007-4381\", \"CVE-2007-5232\", \"CVE-2007-5236\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\", \"CVE-2008-1187\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1192\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n\n script_name(english:\"SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 5182)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"IBM Java 1.4.2 was updated to SR10 to fix various security issues :\n\n - A buffer overflow vulnerability in Java Web Start may\n allow an untrusted Java Web Start application that is\n downloaded from a website to elevate its privileges. For\n example, an untrusted Java Web Start application may\n grant itself permissions to read and write local files\n or execute local applications that are accessible to the\n user running the untrusted application. (CVE-2008-1196)\n\n - A vulnerability in the Java Runtime Environment may\n allow JavaScript(TM) code that is downloaded by a\n browser to make connections to network services on the\n system that the browser runs on, through Java APIs, This\n may allow files (that are accessible through these\n network services) or vulnerabilities (that exist on\n these network services) which are not otherwise normally\n accessible to be accessed or exploited. (CVE-2008-1195)\n\n - A vulnerability in the Java Plug-in may an untrusted\n applet to bypass same origin policy and leverage this\n flaw to execute local applications that are accessible\n to the user running the untrusted applet.\n (CVE-2008-1192)\n\n - A vulnerability in Java Web Start may allow an untrusted\n Java Web Start application to elevate its privileges.\n For example, an application may grant itself permissions\n to read and write local files or execute local\n applications that are accessible to the user running the\n untrusted application. (CVE-2008-1190)\n\n - A buffer overflow vulnerability in the Java Runtime\n Environment may allow an untrusted applet or application\n to elevate its privileges. For example, an applet may\n grant itself permissions to read and write local files\n or execute local applications that are accessible to the\n user running the untrusted applet. (CVE-2008-1189)\n\n - A vulnerability in the Java Runtime Environment with\n parsing XML data may allow an untrusted applet or\n application to elevate its privileges. For example, an\n applet may read certain URL resources (such as some\n files and web pages). (CVE-2008-1187)\n\n - A vulnerability in the Java Runtime Environment (JRE)\n with applet caching may allow an untrusted applet that\n is downloaded from a malicious website to make network\n connections to network services on machines other than\n the one that the applet was downloaded from. This may\n allow network resources (such as web pages) and\n vulnerabilities (that exist on these network services)\n which are not otherwise normally accessible to be\n accessed or exploited. (CVE-2007-5232)\n\n - A vulnerability in the Java Runtime Environment (JRE)\n may allow malicious JavaScript code that is downloaded\n by a browser from a malicious website to make network\n connections, through Java APIs, to network services on\n machines other than the one that the JavaScript code was\n downloaded from. This may allow network resources (such\n as web pages) and vulnerabilities (that exist on these\n network services) which are not otherwise normally\n accessible to be accessed or exploited. (CVE-2007-5274)\n\n - A second vulnerability in the JRE may allow an untrusted\n applet that is downloaded from a malicious website\n through a web proxy to make network connections to\n network services on machines other than the one that the\n applet was downloaded from. This may allow network\n resources (such as web pages) and vulnerabilities (that\n exist on these network services) which are not otherwise\n normally accessible to be accessed or exploited.\n (CVE-2007-5273)\n\n - An untrusted Java Web Start application may write\n arbitrary files with the privileges of the user running\n the application. (CVE-2007-5236)\n\n - Three separate vulnerabilities may allow an untrusted\n Java Web Start application to determine the location of\n the Java Web Start cache. (CVE-2007-5238)\n\n - An untrusted Java Web Start application or Java applet\n may move or copy arbitrary files by requesting the user\n of the application or applet to drag and drop a file\n from the Java Web Start application or Java applet\n window. (CVE-2007-5239)\n\n - An untrusted applet may display an over-sized window so\n that the applet warning banner is not visible to the\n user running the untrusted applet. (CVE-2007-5240)\n\n - A vulnerability in the font parsing code in the Java\n Runtime Environment may allow an untrusted applet to\n elevate its privileges. For example, an applet may grant\n itself permissions to read and write local files or\n execute local applications that are accessible to the\n user running the untrusted applet. (CVE-2007-4381)\n\n - The Java Secure Socket Extension (JSSE) that is included\n in various releases of the Java Runtime Environment does\n not correctly process SSL/TLS handshake requests. This\n vulnerability may be exploited to create a Denial of\n Service (DoS) condition to the system as a whole on a\n server that listens for SSL/TLS connections using JSSE\n for SSL/TLS support. (CVE-2007-3698)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3698.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4381.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5232.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5236.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5238.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5239.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5240.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5273.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5274.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1187.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1189.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1190.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1195.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1196.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5182.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-ibm-1.4.2_sr10-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-ibm-devel-1.4.2_sr10-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_4_2-ibm-jdbc-1.4.2_sr10-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_4_2-ibm-plugin-1.4.2_sr10-0.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:27:35", "description": "According to its version number, the Sun Java Runtime Environment (JRE) and/or Web Start installed on the remote host is reportedly affected by several issues that could be abused to move / copy local files, read or write local files, circumvent network access restrictions, or elevate privileges.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-22T00:00:00", "type": "nessus", "title": "Sun Java JRE / Web Start Multiple Vulnerabilities (103072, 103073, 103078, 103079, 103112) (Unix)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274", "CVE-2007-5689"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_103079_UNIX.NASL", "href": "https://www.tenable.com/plugins/nessus/64824", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64824);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2007-5232\",\n \"CVE-2007-5236\",\n \"CVE-2007-5237\",\n \"CVE-2007-5238\",\n \"CVE-2007-5239\",\n \"CVE-2007-5240\",\n \"CVE-2007-5273\",\n \"CVE-2007-5274\",\n \"CVE-2007-5689\"\n );\n script_bugtraq_id(25918, 25920, 26185);\n\n script_name(english:\"Sun Java JRE / Web Start Multiple Vulnerabilities (103072, 103073, 103078, 103079, 103112) (Unix)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Unix host has an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the Sun Java Runtime Environment (JRE)\nand/or Web Start installed on the remote host is reportedly affected by\nseveral issues that could be abused to move / copy local files, read or\nwrite local files, circumvent network access restrictions, or elevate\nprivileges.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://conference.hitb.org/hitbsecconf2007kl/?page_id=148\");\n # http://web.archive.org/web/20080129213300/http://sunsolve.sun.com/search/document.do?assetkey=1-26-103072-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d88f8c90\");\n # http://web.archive.org/web/20080129213305/http://sunsolve.sun.com/search/document.do?assetkey=1-26-103073-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3744db68\");\n # http://web.archive.org/web/20080622195736/http://sunsolve.sun.com/search/document.do?assetkey=1-26-103078-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6dd067e0\");\n # http://web.archive.org/web/20080609024942/http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1cbab94e\");\n # http://web.archive.org/web/20071027024719/http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?811a9446\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update to Sun JDK and JRE 6 Update 3 / JDK and JRE 5.0 Update 13 / SDK\nand JRE 1.4.2_16 / SDK and JRE 1.3.1_21 or later and remove, if\nnecessary, any other affected versions.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2007-5689\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/10/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"sun_java_jre_installed_unix.nasl\");\n script_require_keys(\"Host/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each installed JRE.\ninstalls = get_kb_list_or_exit(\"Host/Java/JRE/Unmanaged/*\");\n\ninfo = \"\";\nvuln = 0;\nvuln2 = 0;\ninstalled_versions = \"\";\ngranular = \"\";\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"Host/Java/JRE/Unmanaged/\";\n if (ver !~ \"^[0-9.]+\") continue;\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.6\\.0_0[0-2][^0-9]?\" ||\n ver =~ \"^1\\.5\\.0_(0[0-9]|1[0-2])[^0-9]?\" ||\n ver =~ \"^1\\.4\\.([01]_|2_(0[0-9]|1[0-5][^0-9]?))\" ||\n ver =~ \"^1\\.3\\.(0_|1_([01][0-9]|20[^0-9]?))\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_03 / 1.5.0_13 / 1.4.2_16 / 1.3.1_21\\n';\n }\n else if (ver =~ \"^[\\d\\.]+$\")\n {\n dirs = make_list(get_kb_list(install));\n foreach dir (dirs)\n granular += \"The Oracle Java version \"+ver+\" at \"+dir+\" is not granular enough to make a determination.\"+'\\n';\n }\n else\n {\n dirs = make_list(get_kb_list(install));\n vuln2 += max_index(dirs);\n }\n\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n if (granular) exit(0, granular);\n}\nelse\n{\n if (granular) exit(0, granular);\n\n installed_versions = substr(installed_versions, 3);\n if (vuln2 > 1)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:44:51", "description": "According to its version number, the Sun Java Runtime Environment (JRE) and/or Web Start installed on the remote host reportedly is affected by several issues that could be abused to move / copy local files, read or write local files, circumvent network access restrictions, or elevate privileges.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2007-10-05T00:00:00", "type": "nessus", "title": "Sun Java JRE / Web Start Multiple Vulnerabilities (103072, 103073, 103078, 103079, 103112)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274", "CVE-2007-5689"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_103079.NASL", "href": "https://www.tenable.com/plugins/nessus/26923", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26923);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2007-5232\",\n \"CVE-2007-5236\",\n \"CVE-2007-5237\",\n \"CVE-2007-5238\",\n \"CVE-2007-5239\",\n \"CVE-2007-5240\",\n \"CVE-2007-5273\",\n \"CVE-2007-5274\",\n \"CVE-2007-5689\"\n );\n script_bugtraq_id(25918, 25920, 26185);\n\n script_name(english:\"Sun Java JRE / Web Start Multiple Vulnerabilities (103072, 103073, 103078, 103079, 103112)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the Sun Java Runtime Environment\n(JRE) and/or Web Start installed on the remote host reportedly is\naffected by several issues that could be abused to move / copy local\nfiles, read or write local files, circumvent network access\nrestrictions, or elevate privileges.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://conference.hitb.org/hitbsecconf2007kl/?page_id=148\");\n # http://web.archive.org/web/20080129213300/http://sunsolve.sun.com/search/document.do?assetkey=1-26-103072-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d88f8c90\");\n # http://web.archive.org/web/20080129213305/http://sunsolve.sun.com/search/document.do?assetkey=1-26-103073-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3744db68\");\n # http://web.archive.org/web/20080622195736/http://sunsolve.sun.com/search/document.do?assetkey=1-26-103078-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6dd067e0\");\n # http://web.archive.org/web/20080609024942/http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1cbab94e\");\n # http://web.archive.org/web/20071027024719/http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?811a9446\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update to Sun JDK and JRE 6 Update 3 / JDK and JRE 5.0 Update 13 / SDK\nand JRE 1.4.2_16 / SDK and JRE 1.3.1_21 or later and remove if\nnecessary any other affected versions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/10/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2007-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"sun_java_jre_installed.nasl\");\n script_require_keys(\"SMB/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\n# Check each installed JRE.\ninstalls = get_kb_list(\"SMB/Java/JRE/*\");\nif (isnull(installs)) exit(1, \"The 'SMB/Java/JRE/' KB item is missing.\");\n\ninfo = \"\";\nvuln = 0;\ninstalled_versions = \"\";\n\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"SMB/Java/JRE/\";\n if (ver =~ \"^[0-9.]+\")\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.6\\.0_0[0-2][^0-9]?\" ||\n ver =~ \"^1\\.5\\.0_(0[0-9]|1[0-2])[^0-9]?\" ||\n ver =~ \"^1\\.4\\.([01]_|2_(0[0-9]|1[0-5][^0-9]?))\" ||\n ver =~ \"^1\\.3\\.(0_|1_([01][0-9]|20[^0-9]?))\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_03 / 1.5.0_13 / 1.4.2_16 / 1.3.1_21\\n';\n }\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse\n{\n installed_versions = substr(installed_versions, 3);\n if (\" & \" >< installed_versions)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:06:56", "description": "Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras, and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nIBM's 1.4.2 SR10 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.\n\nThe Java Secure Socket Extension (JSSE) component did not correctly process SSL/TLS handshake requests. A remote attacker who is able to connect to a JSSE-based service could trigger this flaw leading to a denial-of-service. (CVE-2007-3698)\n\nA flaw was found in the way the Java Runtime Environment processes font data. An untrusted applet could elevate its privileges, allowing the applet to perform actions with the same permissions as the logged in user. It may also be possible to crash a server application which processes untrusted font information from a third party.\n(CVE-2007-4381)\n\nThe applet caching mechanism of the Java Runtime Environment (JRE) did not correctly process the creation of network connections. A remote attacker could use this flaw to create connections to services on machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nMultiple vulnerabilities existed in Java Web Start allowing an untrusted application to determine the location of the Java Web Start cache. (CVE-2007-5238)\n\nUntrusted Java Web Start Applications or Java Applets were able to drag and drop a file to a Desktop Application. A user-assisted remote attacker could use this flaw to move or copy arbitrary files.\n(CVE-2007-5239)\n\nThe Java Runtime Environment allowed untrusted Java Applets or applications to display oversized Windows. This could be used by remote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a remote attacker to violate the Java security model. A cached malicious Applet could create network connections to services on other machines.\n(CVE-2007-5273)\n\nUnsigned Applets loaded with Mozilla Firefox or Opera browsers allowed remote attackers to violate the Java security model. A cached malicious Applet could create network connections to services on other machines. (CVE-2007-5274)\n\nAll users of java-1.4.2-ibm are advised to upgrade to these updated packages, that contain IBM's 1.4.2 SR10 Java release which resolves these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2008:0132)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3698", "CVE-2007-4381", "CVE-2007-5232", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1192", "CVE-2008-1195"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-javacomm", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-plugin", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-src", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0132.NASL", "href": "https://www.tenable.com/plugins/nessus/40714", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0132. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40714);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3698\", \"CVE-2007-4381\", \"CVE-2007-5232\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1192\", \"CVE-2008-1195\");\n script_bugtraq_id(24846, 25340, 25918, 25920);\n script_xref(name:\"RHSA\", value:\"2008:0132\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2008:0132)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.4.2-ibm packages that fix several security issues are\nnow available for Red Hat Enterprise Linux 3 and 4 Extras, and 5\nSupplementary.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nIBM's 1.4.2 SR10 Java release includes the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit.\n\nThe Java Secure Socket Extension (JSSE) component did not correctly\nprocess SSL/TLS handshake requests. A remote attacker who is able to\nconnect to a JSSE-based service could trigger this flaw leading to a\ndenial-of-service. (CVE-2007-3698)\n\nA flaw was found in the way the Java Runtime Environment processes\nfont data. An untrusted applet could elevate its privileges, allowing\nthe applet to perform actions with the same permissions as the logged\nin user. It may also be possible to crash a server application which\nprocesses untrusted font information from a third party.\n(CVE-2007-4381)\n\nThe applet caching mechanism of the Java Runtime Environment (JRE) did\nnot correctly process the creation of network connections. A remote\nattacker could use this flaw to create connections to services on\nmachines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nMultiple vulnerabilities existed in Java Web Start allowing an\nuntrusted application to determine the location of the Java Web Start\ncache. (CVE-2007-5238)\n\nUntrusted Java Web Start Applications or Java Applets were able to\ndrag and drop a file to a Desktop Application. A user-assisted remote\nattacker could use this flaw to move or copy arbitrary files.\n(CVE-2007-5239)\n\nThe Java Runtime Environment allowed untrusted Java Applets or\napplications to display oversized Windows. This could be used by\nremote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a\nremote attacker to violate the Java security model. A cached malicious\nApplet could create network connections to services on other machines.\n(CVE-2007-5273)\n\nUnsigned Applets loaded with Mozilla Firefox or Opera browsers allowed\nremote attackers to violate the Java security model. A cached\nmalicious Applet could create network connections to services on other\nmachines. (CVE-2007-5274)\n\nAll users of java-1.4.2-ibm are advised to upgrade to these updated\npackages, that contain IBM's 1.4.2 SR10 Java release which resolves\nthese issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5274\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1190\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0132\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-javacomm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0132\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-1.4.2.10-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-demo-1.4.2.10-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-devel-1.4.2.10-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.10-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"s390\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.10-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"java-1.4.2-ibm-plugin-1.4.2.10-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-src-1.4.2.10-1jpp.2.el3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-1.4.2.10-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-demo-1.4.2.10-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-devel-1.4.2.10-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.10-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.10-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.10-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"s390\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.10-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.4.2-ibm-plugin-1.4.2.10-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-src-1.4.2.10-1jpp.2.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-1.4.2.10-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-demo-1.4.2.10-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-devel-1.4.2.10-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.10-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.10-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.10-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.10-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.4.2-ibm-plugin-1.4.2.10-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-src-1.4.2.10-1jpp.2.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.4.2-ibm / java-1.4.2-ibm-demo / java-1.4.2-ibm-devel / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:02", "description": "Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nIBM's 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.\n\nThe applet caching mechanism of the Java Runtime Environment (JRE) did not correctly process the creation of network connections. A remote attacker could use this flaw to create connections to services on machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nMultiple vulnerabilities existed in Java Web Start allowing an untrusted application to determine the location of the Java Web Start cache. (CVE-2007-5238)\n\nUntrusted Java Web Start Applications or Java Applets were able to drag and drop a file to a Desktop Application. A user-assisted remote attacker could use this flaw to move or copy arbitrary files.\n(CVE-2007-5239)\n\nThe Java Runtime Environment allowed untrusted Java Applets or applications to display oversized Windows. This could be used by remote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a remote attacker to violate the Java security model. A cached malicious Applet could create network connections to services on other machines.\n(CVE-2007-5273)\n\nUnsigned Applets loaded with Mozilla Firefox or Opera browsers allowed remote attackers to violate the Java security model. A cached malicious Applet could create network connections to services on other machines. (CVE-2007-5274)\n\nAll users of java-ibm-1.5.0 are advised to upgrade to these updated packages, that contain IBM's 1.5.0 SR6 Java release which resolves these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2007:1041)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-accessibility", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-javacomm", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-plugin", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-src", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2007-1041.NASL", "href": "https://www.tenable.com/plugins/nessus/40710", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1041. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40710);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5232\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\");\n script_bugtraq_id(25918, 25920);\n script_xref(name:\"RHSA\", value:\"2007:1041\");\n\n script_name(english:\"RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2007:1041)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.5.0-ibm packages that fix several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5\nSupplementary.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nIBM's 1.5.0 Java release includes the IBM Java 2 Runtime Environment\nand the IBM Java 2 Software Development Kit.\n\nThe applet caching mechanism of the Java Runtime Environment (JRE) did\nnot correctly process the creation of network connections. A remote\nattacker could use this flaw to create connections to services on\nmachines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nMultiple vulnerabilities existed in Java Web Start allowing an\nuntrusted application to determine the location of the Java Web Start\ncache. (CVE-2007-5238)\n\nUntrusted Java Web Start Applications or Java Applets were able to\ndrag and drop a file to a Desktop Application. A user-assisted remote\nattacker could use this flaw to move or copy arbitrary files.\n(CVE-2007-5239)\n\nThe Java Runtime Environment allowed untrusted Java Applets or\napplications to display oversized Windows. This could be used by\nremote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a\nremote attacker to violate the Java security model. A cached malicious\nApplet could create network connections to services on other machines.\n(CVE-2007-5273)\n\nUnsigned Applets loaded with Mozilla Firefox or Opera browsers allowed\nremote attackers to violate the Java security model. A cached\nmalicious Applet could create network connections to services on other\nmachines. (CVE-2007-5274)\n\nAll users of java-ibm-1.5.0 are advised to upgrade to these updated\npackages, that contain IBM's 1.5.0 SR6 Java release which resolves\nthese issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5274\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:1041\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-javacomm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/10/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:1041\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-1.5.0.6-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-demo-1.5.0.6-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-devel-1.5.0.6-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.6-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.6-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.6-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"s390\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.6-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.5.0-ibm-plugin-1.5.0.6-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-src-1.5.0.6-1jpp.2.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-1.5.0.6-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.5.0-ibm-accessibility-1.5.0.6-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"java-1.5.0-ibm-accessibility-1.5.0.6-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-ibm-accessibility-1.5.0.6-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-demo-1.5.0.6-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-devel-1.5.0.6-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.6-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.6-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.6-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.6-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.5.0-ibm-plugin-1.5.0.6-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-src-1.5.0.6-1jpp.1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.5.0-ibm / java-1.5.0-ibm-accessibility / java-1.5.0-ibm-demo / etc\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T13:13:10", "description": "The Sun JAVA JDK 1.5.0 was upgraded to release 13 to fix various bugs, including the following security bugs :\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1\n\nCVE-2007-5232: Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound connections via a DNS rebinding attack.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 073-1\n\nCVE-2007-5236: Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not properly enfor ce access restrictions for untrusted applications, which allows user-assisted remote attackers to read local files via an untrusted applica tion.\n\nCVE-2007-5237: Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka 'two vulnerabilities'.\n\nCVE-2007-5238: Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information (the Java Web Start cache location) via an untrusted application, aka 'three vulnerabilities.'\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 072-1\n\nCVE-2007-5239: Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) applets, which allows user-assisted remote attackers to copy or rename arbitrary files when local users perform drag-and-drop operations from the untrusted application or applet window onto certain types of desktop applications.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 071-1\n\nCVE-2007-5240: Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 078-1\n\nCVE-2007-5273: Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274.\n\nCVE-2007-5274: Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273.", "cvss3": {"score": null, "vector": null}, "published": "2007-10-18T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-4527)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_5_0-sun", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-alsa", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-demo", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-devel", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-jdbc", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-plugin", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-src", "cpe:/o:novell:opensuse:10.1", "cpe:/o:novell:opensuse:10.2", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_JAVA-1_5_0-SUN-4527.NASL", "href": "https://www.tenable.com/plugins/nessus/27512", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update java-1_5_0-sun-4527.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27512);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5232\", \"CVE-2007-5236\", \"CVE-2007-5237\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\");\n\n script_name(english:\"openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-4527)\");\n script_summary(english:\"Check for the java-1_5_0-sun-4527 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Sun JAVA JDK 1.5.0 was upgraded to release 13 to fix various bugs,\nincluding the following security bugs :\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1\n\nCVE-2007-5232: Sun Java Runtime Environment (JRE) in JDK and JRE 6\nUpdate 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and\nJRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when\napplet caching is enabled, allows remote attackers to violate the\nsecurity model for an applet's outbound connections via a DNS\nrebinding attack.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 073-1\n\nCVE-2007-5236: Java Web Start in Sun JDK and JRE 5.0 Update 12 and\nearlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not\nproperly enfor ce access restrictions for untrusted applications,\nwhich allows user-assisted remote attackers to read local files via an\nuntrusted applica tion.\n\nCVE-2007-5237: Java Web Start in Sun JDK and JRE 6 Update 2 and\nearlier does not properly enforce access restrictions for untrusted\napplications, which allows user-assisted remote attackers to read and\nmodify local files via an untrusted application, aka 'two\nvulnerabilities'.\n\nCVE-2007-5238: Java Web Start in Sun JDK and JRE 6 Update 2 and\nearlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE\n1.4.2_15 and earlier does not properly enforce access restrictions for\nuntrusted applications, which allows user-assisted remote attackers to\nobtain sensitive information (the Java Web Start cache location) via\nan untrusted application, aka 'three vulnerabilities.'\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 072-1\n\nCVE-2007-5239: Java Web Start in Sun JDK and JRE 6 Update 2 and\nearlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15\nand earlier, and SDK and JRE 1.3.1_20 and earlier does not properly\nenforce access restrictions for untrusted (1) applications and (2)\napplets, which allows user-assisted remote attackers to copy or rename\narbitrary files when local users perform drag-and-drop operations from\nthe untrusted application or applet window onto certain types of\ndesktop applications.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 071-1\n\nCVE-2007-5240: Visual truncation vulnerability in the Java Runtime\nEnvironment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0\nUpdate 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and\nJRE 1.3.1_20 and earlier allows remote attackers to circumvent display\nof the untrusted-code warning banner by creating a window larger than\nthe workstation screen.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 078-1\n\nCVE-2007-5273: Sun Java Runtime Environment (JRE) in JDK and JRE 6\nUpdate 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and\nJRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when\nan HTTP proxy server is used, allows remote attackers to violate the\nsecurity model for an applet's outbound connections via a multi-pin\nDNS rebinding attack in which the applet download relies on DNS\nresolution on the proxy server, but the applet's socket operations\nrely on DNS resolution on the local machine, a different issue than\nCVE-2007-5274.\n\nCVE-2007-5274: Sun Java Runtime Environment (JRE) in JDK and JRE 6\nUpdate 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and\nJRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when\nFirefox or Opera is used, allows remote attackers to violate the\nsecurity model for JavaScript outbound connections via a multi-pin DNS\nrebinding attack dependent on the LiveConnect API, in which JavaScript\ndownload relies on DNS resolution by the browser, but JavaScript\nsocket operations rely on separate DNS resolution by a Java Virtual\nMachine (JVM), a different issue than CVE-2007-5273.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_5_0-sun packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-1.5.0_13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-alsa-1.5.0_13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-demo-1.5.0_13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-devel-1.5.0_13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-jdbc-1.5.0_13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-plugin-1.5.0_13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-src-1.5.0_13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-alsa-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-demo-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-devel-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-jdbc-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-plugin-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-src-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-alsa-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-demo-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-devel-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-jdbc-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-plugin-1.5.0_update13-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_5_0-sun-src-1.5.0_update13-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_5_0-sun\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:N"}}, {"lastseen": "2021-08-19T13:13:34", "description": "The Sun JAVA JDK 1.6.0 was upgraded to release 3 to fix various bugs, including the following security bugs :\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1\n\nCVE-2007-5232: Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound connections via a DNS rebinding attack.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 073-1\n\nCVE-2007-5236: Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not properly enfor ce access restrictions for untrusted applications, which allows user-assisted remote attackers to read local files via an untrusted applica tion.\n\nCVE-2007-5237: Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka 'two vulnerabilities'.\n\nCVE-2007-5238: Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information (the Java Web Start cache location) via an untrusted application, aka 'three vulnerabilities.'\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 072-1\n\nCVE-2007-5239: Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) applets, which allows user-assisted remote attackers to copy or rename arbitrary files when local users perform drag-and-drop operations from the untrusted application or applet window onto certain types of desktop applications.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 071-1\n\nCVE-2007-5240: Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 078-1\n\nCVE-2007-5273: Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274.\n\nCVE-2007-5274: Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273.", "cvss3": {"score": null, "vector": null}, "published": "2007-10-18T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-4525)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_6_0-sun", "p-cpe:/a:novell:opensuse:java-1_6_0-sun-alsa", "p-cpe:/a:novell:opensuse:java-1_6_0-sun-demo", "p-cpe:/a:novell:opensuse:java-1_6_0-sun-devel", "p-cpe:/a:novell:opensuse:java-1_6_0-sun-jdbc", "p-cpe:/a:novell:opensuse:java-1_6_0-sun-plugin", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_JAVA-1_6_0-SUN-4525.NASL", "href": "https://www.tenable.com/plugins/nessus/27513", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update java-1_6_0-sun-4525.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27513);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5232\", \"CVE-2007-5236\", \"CVE-2007-5237\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\");\n\n script_name(english:\"openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-4525)\");\n script_summary(english:\"Check for the java-1_6_0-sun-4525 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Sun JAVA JDK 1.6.0 was upgraded to release 3 to fix various bugs,\nincluding the following security bugs :\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1\n\nCVE-2007-5232: Sun Java Runtime Environment (JRE) in JDK and JRE 6\nUpdate 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and\nJRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when\napplet caching is enabled, allows remote attackers to violate the\nsecurity model for an applet's outbound connections via a DNS\nrebinding attack.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 073-1\n\nCVE-2007-5236: Java Web Start in Sun JDK and JRE 5.0 Update 12 and\nearlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not\nproperly enfor ce access restrictions for untrusted applications,\nwhich allows user-assisted remote attackers to read local files via an\nuntrusted applica tion.\n\nCVE-2007-5237: Java Web Start in Sun JDK and JRE 6 Update 2 and\nearlier does not properly enforce access restrictions for untrusted\napplications, which allows user-assisted remote attackers to read and\nmodify local files via an untrusted application, aka 'two\nvulnerabilities'.\n\nCVE-2007-5238: Java Web Start in Sun JDK and JRE 6 Update 2 and\nearlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE\n1.4.2_15 and earlier does not properly enforce access restrictions for\nuntrusted applications, which allows user-assisted remote attackers to\nobtain sensitive information (the Java Web Start cache location) via\nan untrusted application, aka 'three vulnerabilities.'\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 072-1\n\nCVE-2007-5239: Java Web Start in Sun JDK and JRE 6 Update 2 and\nearlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15\nand earlier, and SDK and JRE 1.3.1_20 and earlier does not properly\nenforce access restrictions for untrusted (1) applications and (2)\napplets, which allows user-assisted remote attackers to copy or rename\narbitrary files when local users perform drag-and-drop operations from\nthe untrusted application or applet window onto certain types of\ndesktop applications.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 071-1\n\nCVE-2007-5240: Visual truncation vulnerability in the Java Runtime\nEnvironment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0\nUpdate 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and\nJRE 1.3.1_20 and earlier allows remote attackers to circumvent display\nof the untrusted-code warning banner by creating a window larger than\nthe workstation screen.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 078-1\n\nCVE-2007-5273: Sun Java Runtime Environment (JRE) in JDK and JRE 6\nUpdate 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and\nJRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when\nan HTTP proxy server is used, allows remote attackers to violate the\nsecurity model for an applet's outbound connections via a multi-pin\nDNS rebinding attack in which the applet download relies on DNS\nresolution on the proxy server, but the applet's socket operations\nrely on DNS resolution on the local machine, a different issue than\nCVE-2007-5274.\n\nCVE-2007-5274: Sun Java Runtime Environment (JRE) in JDK and JRE 6\nUpdate 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and\nJRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when\nFirefox or Opera is used, allows remote attackers to violate the\nsecurity model for JavaScript outbound connections via a multi-pin DNS\nrebinding attack dependent on the LiveConnect API, in which JavaScript\ndownload relies on DNS resolution by the browser, but JavaScript\nsocket operations rely on separate DNS resolution by a Java Virtual\nMachine (JVM), a different issue than CVE-2007-5273.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_6_0-sun packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-sun-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-1.6.0.u3-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-alsa-1.6.0.u3-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-demo-1.6.0.u3-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-devel-1.6.0.u3-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-jdbc-1.6.0.u3-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"java-1_6_0-sun-plugin-1.6.0.u3-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_6_0-sun\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:N"}}, {"lastseen": "2021-08-19T13:12:34", "description": "The Sun JAVA JDK 1.4.2 was upgraded to release 16 to fix various bugs, including the following security bugs :\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1\n\n - Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound connections via a DNS rebinding attack. (CVE-2007-5232)\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103073-1\n\n - Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not properly enfor ce access restrictions for untrusted applications, which allows user-assisted remote attackers to read local files via an untrusted applica tion. (CVE-2007-5236)\n\n - Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka 'two vulnerabilities'.\n (CVE-2007-5237)\n\n - Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information (the Java Web Start cache location) via an untrusted application, aka 'three vulnerabilities.'. (CVE-2007-5238)\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103072-1\n\n - Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) applets, which allows user-assisted remote attackers to copy or rename arbitrary files when local users perform drag-and-drop operations from the untrusted application or applet window onto certain types of desktop applications.\n (CVE-2007-5239)\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103071-1\n\n - Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen. (CVE-2007-5240)\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103078-1\n\n - Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274. (CVE-2007-5273)\n\n - Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273. (CVE-2007-5274)", "cvss3": {"score": null, "vector": null}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Sun Java 1.4.2 (ZYPP Patch Number 4533)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_JAVA-1_4_2-SUN-4533.NASL", "href": "https://www.tenable.com/plugins/nessus/29473", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29473);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5232\", \"CVE-2007-5236\", \"CVE-2007-5237\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\");\n\n script_name(english:\"SuSE 10 Security Update : Sun Java 1.4.2 (ZYPP Patch Number 4533)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Sun JAVA JDK 1.4.2 was upgraded to release 16 to fix various bugs,\nincluding the following security bugs :\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1\n\n - Sun Java Runtime Environment (JRE) in JDK and JRE 6\n Update 2 and earlier, JDK and JRE 5.0 Update 12 and\n earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and\n JRE 1.3.1_20 and earlier, when applet caching is\n enabled, allows remote attackers to violate the security\n model for an applet's outbound connections via a DNS\n rebinding attack. (CVE-2007-5232)\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103073-1\n\n - Java Web Start in Sun JDK and JRE 5.0 Update 12 and\n earlier, and SDK and JRE 1.4.2_15 and earlier, on\n Windows does not properly enfor ce access restrictions\n for untrusted applications, which allows user-assisted\n remote attackers to read local files via an untrusted\n applica tion. (CVE-2007-5236)\n\n - Java Web Start in Sun JDK and JRE 6 Update 2 and earlier\n does not properly enforce access restrictions for\n untrusted applications, which allows user-assisted\n remote attackers to read and modify local files via an\n untrusted application, aka 'two vulnerabilities'.\n (CVE-2007-5237)\n\n - Java Web Start in Sun JDK and JRE 6 Update 2 and\n earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK\n and JRE 1.4.2_15 and earlier does not properly enforce\n access restrictions for untrusted applications, which\n allows user-assisted remote attackers to obtain\n sensitive information (the Java Web Start cache\n location) via an untrusted application, aka 'three\n vulnerabilities.'. (CVE-2007-5238)\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103072-1\n\n - Java Web Start in Sun JDK and JRE 6 Update 2 and\n earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and\n JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and\n earlier does not properly enforce access restrictions\n for untrusted (1) applications and (2) applets, which\n allows user-assisted remote attackers to copy or rename\n arbitrary files when local users perform drag-and-drop\n operations from the untrusted application or applet\n window onto certain types of desktop applications.\n (CVE-2007-5239)\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103071-1\n\n - Visual truncation vulnerability in the Java Runtime\n Environment in Sun JDK and JRE 6 Update 2 and earlier,\n JDK and JRE 5.0 Update 12 and earlier, SDK and JRE\n 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and\n earlier allows remote attackers to circumvent display of\n the untrusted-code warning banner by creating a window\n larger than the workstation screen. (CVE-2007-5240)\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103078-1\n\n - Sun Java Runtime Environment (JRE) in JDK and JRE 6\n Update 2 and earlier, JDK and JRE 5.0 Update 12 and\n earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and\n JRE 1.3.1_20 and earlier, when an HTTP proxy server is\n used, allows remote attackers to violate the security\n model for an applet's outbound connections via a\n multi-pin DNS rebinding attack in which the applet\n download relies on DNS resolution on the proxy server,\n but the applet's socket operations rely on DNS\n resolution on the local machine, a different issue than\n CVE-2007-5274. (CVE-2007-5273)\n\n - Sun Java Runtime Environment (JRE) in JDK and JRE 6\n Update 2 and earlier, JDK and JRE 5.0 Update 12 and\n earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and\n JRE 1.3.1_20 and earlier, when Firefox or Opera is used,\n allows remote attackers to violate the security model\n for JavaScript outbound connections via a multi-pin DNS\n rebinding attack dependent on the LiveConnect API, in\n which JavaScript download relies on DNS resolution by\n the browser, but JavaScript socket operations rely on\n separate DNS resolution by a Java Virtual Machine (JVM),\n a different issue than CVE-2007-5273. (CVE-2007-5274)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5232.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5236.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5237.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5238.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5239.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5240.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5273.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5274.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4533.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-1.4.2.16-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-alsa-1.4.2.16-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-demo-1.4.2.16-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-devel-1.4.2.16-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-jdbc-1.4.2.16-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-plugin-1.4.2.16-0.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-src-1.4.2.16-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-1.4.2.16-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-alsa-1.4.2.16-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-devel-1.4.2.16-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-jdbc-1.4.2.16-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-plugin-1.4.2.16-0.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:N"}}, {"lastseen": "2021-08-19T13:13:24", "description": "The Sun JAVA JDK 1.4.2 was upgraded to release 16 to fix various bugs, including the following security bugs :\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1\n\nCVE-2007-5232: Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound connections via a DNS rebinding attack.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 073-1\n\nCVE-2007-5236: Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not properly enfor ce access restrictions for untrusted applications, which allows user-assisted remote attackers to read local files via an untrusted applica tion.\n\nCVE-2007-5237: Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka 'two vulnerabilities'.\n\nCVE-2007-5238: Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information (the Java Web Start cache location) via an untrusted application, aka 'three vulnerabilities.'\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 072-1\n\nCVE-2007-5239: Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) applets, which allows user-assisted remote attackers to copy or rename arbitrary files when local users perform drag-and-drop operations from the untrusted application or applet window onto certain types of desktop applications.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 071-1\n\nCVE-2007-5240: Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 078-1\n\nCVE-2007-5273: Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274.\n\nCVE-2007-5274: Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273.", "cvss3": {"score": null, "vector": null}, "published": "2007-10-18T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-4536)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5237", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_4_2-sun", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-alsa", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-demo", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-devel", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-jdbc", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-plugin", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-src", "cpe:/o:novell:opensuse:10.1", "cpe:/o:novell:opensuse:10.2"], "id": "SUSE_JAVA-1_4_2-SUN-4536.NASL", "href": "https://www.tenable.com/plugins/nessus/27511", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update java-1_4_2-sun-4536.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27511);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5232\", \"CVE-2007-5236\", \"CVE-2007-5237\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\");\n\n script_name(english:\"openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-4536)\");\n script_summary(english:\"Check for the java-1_4_2-sun-4536 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Sun JAVA JDK 1.4.2 was upgraded to release 16 to fix various bugs,\nincluding the following security bugs :\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1\n\nCVE-2007-5232: Sun Java Runtime Environment (JRE) in JDK and JRE 6\nUpdate 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and\nJRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when\napplet caching is enabled, allows remote attackers to violate the\nsecurity model for an applet's outbound connections via a DNS\nrebinding attack.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 073-1\n\nCVE-2007-5236: Java Web Start in Sun JDK and JRE 5.0 Update 12 and\nearlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not\nproperly enfor ce access restrictions for untrusted applications,\nwhich allows user-assisted remote attackers to read local files via an\nuntrusted applica tion.\n\nCVE-2007-5237: Java Web Start in Sun JDK and JRE 6 Update 2 and\nearlier does not properly enforce access restrictions for untrusted\napplications, which allows user-assisted remote attackers to read and\nmodify local files via an untrusted application, aka 'two\nvulnerabilities'.\n\nCVE-2007-5238: Java Web Start in Sun JDK and JRE 6 Update 2 and\nearlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE\n1.4.2_15 and earlier does not properly enforce access restrictions for\nuntrusted applications, which allows user-assisted remote attackers to\nobtain sensitive information (the Java Web Start cache location) via\nan untrusted application, aka 'three vulnerabilities.'\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 072-1\n\nCVE-2007-5239: Java Web Start in Sun JDK and JRE 6 Update 2 and\nearlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15\nand earlier, and SDK and JRE 1.3.1_20 and earlier does not properly\nenforce access restrictions for untrusted (1) applications and (2)\napplets, which allows user-assisted remote attackers to copy or rename\narbitrary files when local users perform drag-and-drop operations from\nthe untrusted application or applet window onto certain types of\ndesktop applications.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 071-1\n\nCVE-2007-5240: Visual truncation vulnerability in the Java Runtime\nEnvironment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0\nUpdate 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and\nJRE 1.3.1_20 and earlier allows remote attackers to circumvent display\nof the untrusted-code warning banner by creating a window larger than\nthe workstation screen.\n\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-103 078-1\n\nCVE-2007-5273: Sun Java Runtime Environment (JRE) in JDK and JRE 6\nUpdate 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and\nJRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when\nan HTTP proxy server is used, allows remote attackers to violate the\nsecurity model for an applet's outbound connections via a multi-pin\nDNS rebinding attack in which the applet download relies on DNS\nresolution on the proxy server, but the applet's socket operations\nrely on DNS resolution on the local machine, a different issue than\nCVE-2007-5274.\n\nCVE-2007-5274: Sun Java Runtime Environment (JRE) in JDK and JRE 6\nUpdate 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and\nJRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when\nFirefox or Opera is used, allows remote attackers to violate the\nsecurity model for JavaScript outbound connections via a multi-pin DNS\nrebinding attack dependent on the LiveConnect API, in which JavaScript\ndownload relies on DNS resolution by the browser, but JavaScript\nsocket operations rely on separate DNS resolution by a Java Virtual\nMachine (JVM), a different issue than CVE-2007-5273.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_4_2-sun packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-1.4.2.16-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-alsa-1.4.2.16-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-demo-1.4.2.16-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-devel-1.4.2.16-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-jdbc-1.4.2.16-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-plugin-1.4.2.16-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-src-1.4.2.16-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-1.4.2_update16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-alsa-1.4.2_update16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-demo-1.4.2_update16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-devel-1.4.2_update16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-jdbc-1.4.2_update16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-plugin-1.4.2_update16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-src-1.4.2_update16-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_4_2-sun\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:N"}}, {"lastseen": "2021-08-19T13:06:55", "description": "Updated java-1.5.0-bea packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.5.0_14 JRE and SDK contain BEA WebLogic JRockit Virtual Machine 1.5.0_14 and are certified for the Java 5 Platform, Standard Edition, v1.5.0.\n\nA flaw in the applet caching mechanism of the Java Runtime Environment (JRE) did not correctly process the creation of network connections. A remote attacker could use this flaw to create connections to services on machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nUntrusted Java Applets were able to drag and drop a file to a Desktop Application. A user-assisted remote attacker could use this flaw to move or copy arbitrary files. (CVE-2007-5239)\n\nThe Java Runtime Environment (JRE) allowed untrusted Java Applets or applications to display oversized windows. This could be used by remote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a remote attacker to violate the Java security model. A cached, malicious Applet could create network connections to services on other machines. (CVE-2007-5273)\n\nTwo vulnerabilities in the Java Runtime Environment allowed an untrusted application or applet to elevate the assigned privileges.\nThis could be misused by a malicious website to read and write local files or execute local applications in the context of the user running the Java process. (CVE-2008-0657)\n\nThose vulnerabilities concerned with applets can only be triggered in java-1.5.0-bea by calling the 'appletviewer' application.\n\nAll users of java-1.5.0-bea should upgrade to these updated packages, which contain the BEA WebLogic JRockit 1.5.0_14 release that resolves these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : java-1.5.0-bea (RHSA-2008:0156)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2008-0657"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-missioncontrol", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-src", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0156.NASL", "href": "https://www.tenable.com/plugins/nessus/40716", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0156. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40716);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5232\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2008-0657\");\n script_bugtraq_id(25918, 27650);\n script_xref(name:\"RHSA\", value:\"2008:0156\");\n\n script_name(english:\"RHEL 4 / 5 : java-1.5.0-bea (RHSA-2008:0156)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.5.0-bea packages that correct several security issues\nare now available for Red Hat Enterprise Linux 4 Extras and 5\nSupplementary.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.5.0_14 JRE and SDK contain BEA WebLogic\nJRockit Virtual Machine 1.5.0_14 and are certified for the Java 5\nPlatform, Standard Edition, v1.5.0.\n\nA flaw in the applet caching mechanism of the Java Runtime Environment\n(JRE) did not correctly process the creation of network connections. A\nremote attacker could use this flaw to create connections to services\non machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nUntrusted Java Applets were able to drag and drop a file to a Desktop\nApplication. A user-assisted remote attacker could use this flaw to\nmove or copy arbitrary files. (CVE-2007-5239)\n\nThe Java Runtime Environment (JRE) allowed untrusted Java Applets or\napplications to display oversized windows. This could be used by\nremote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a\nremote attacker to violate the Java security model. A cached,\nmalicious Applet could create network connections to services on other\nmachines. (CVE-2007-5273)\n\nTwo vulnerabilities in the Java Runtime Environment allowed an\nuntrusted application or applet to elevate the assigned privileges.\nThis could be misused by a malicious website to read and write local\nfiles or execute local applications in the context of the user running\nthe Java process. (CVE-2008-0657)\n\nThose vulnerabilities concerned with applets can only be triggered in\njava-1.5.0-bea by calling the 'appletviewer' application.\n\nAll users of java-1.5.0-bea should upgrade to these updated packages,\nwhich contain the BEA WebLogic JRockit 1.5.0_14 release that resolves\nthese issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0657\"\n );\n # http://dev2dev.bea.com/pub/advisory/272\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7dd1a2b1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0156\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-missioncontrol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/10/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0156\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.5.0-bea-1.5.0.14-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-1.5.0.14-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.5.0-bea-demo-1.5.0.14-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-demo-1.5.0.14-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.5.0-bea-devel-1.5.0.14-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-devel-1.5.0.14-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.5.0-bea-jdbc-1.5.0.14-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-jdbc-1.5.0.14-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.5.0-bea-src-1.5.0.14-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-src-1.5.0.14-1jpp.1.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-1.5.0.14-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-1.5.0.14-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-demo-1.5.0.14-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-demo-1.5.0.14-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-devel-1.5.0.14-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-devel-1.5.0.14-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-jdbc-1.5.0.14-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-jdbc-1.5.0.14-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-missioncontrol-1.5.0.14-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-missioncontrol-1.5.0.14-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-src-1.5.0.14-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-src-1.5.0.14-1jpp.1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.5.0-bea / java-1.5.0-bea-demo / java-1.5.0-bea-devel / etc\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:06:58", "description": "Updated java-1.4.2-bea packages that correct several security issues and add enhancements are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.4.2_16 JRE and SDK contains BEA WebLogic JRockit Virtual Machine 1.4.2_16 and is certified for the Java 2 Platform, Standard Edition, v1.4.2.\n\nA buffer overflow in the Java Runtime Environment image handling code was found. If an attacker could induce a server application to process a specially crafted image file, the attacker could potentially cause a denial-of-service or execute arbitrary code as the user running the Java Virtual Machine. (CVE-2007-2788, CVE-2007-2789)\n\nA denial of service flaw was found in the way the JSSE component processed SSL/TLS handshake requests. A remote attacker able to connect to a JSSE enabled service could send a specially crafted handshake which would cause the Java Runtime Environment to stop responding to future requests. (CVE-2007-3698)\n\nA flaw was found in the way the Java Runtime Environment processed font data. An applet viewed via the 'appletviewer' application could elevate its privileges, allowing the applet to perform actions with the same permissions as the user running the 'appletviewer' application. The same flaw could, potentially, crash a server application which processed untrusted font information from a third party. (CVE-2007-4381)\n\nA flaw in the applet caching mechanism of the Java Runtime Environment (JRE) did not correctly process the creation of network connections. A remote attacker could use this flaw to create connections to services on machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nUntrusted Java Applets were able to drag and drop files to a desktop application. A user-assisted remote attacker could use this flaw to move or copy arbitrary files. (CVE-2007-5239)\n\nThe Java Runtime Environment (JRE) allowed untrusted Java Applets or applications to display over-sized windows. This could be used by remote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a remote attacker to violate the Java security model. A cached, malicious Applet could create network connections to services on other machines. (CVE-2007-5273)\n\nPlease note: the vulnerabilities noted above concerned with applets can only be triggered in java-1.4.2-bea by calling the 'appletviewer' application.\n\nAll users of java-1.4.2-bea should upgrade to these updated packages, which contain the BEA WebLogic JRockit 1.4.2_16 release which resolves these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 / 5 : java-1.4.2-bea (RHSA-2008:0100)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3698", "CVE-2007-4381", "CVE-2007-5232", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-missioncontrol", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-src", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0100.NASL", "href": "https://www.tenable.com/plugins/nessus/40712", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0100. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40712);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2788\", \"CVE-2007-2789\", \"CVE-2007-3698\", \"CVE-2007-4381\", \"CVE-2007-5232\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\");\n script_bugtraq_id(24004, 24846, 25340, 25918);\n script_xref(name:\"RHSA\", value:\"2008:0100\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : java-1.4.2-bea (RHSA-2008:0100)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.4.2-bea packages that correct several security issues\nand add enhancements are now available for Red Hat Enterprise Linux 3\nExtras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise\nLinux 5 Supplementary.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.4.2_16 JRE and SDK contains BEA WebLogic\nJRockit Virtual Machine 1.4.2_16 and is certified for the Java 2\nPlatform, Standard Edition, v1.4.2.\n\nA buffer overflow in the Java Runtime Environment image handling code\nwas found. If an attacker could induce a server application to process\na specially crafted image file, the attacker could potentially cause a\ndenial-of-service or execute arbitrary code as the user running the\nJava Virtual Machine. (CVE-2007-2788, CVE-2007-2789)\n\nA denial of service flaw was found in the way the JSSE component\nprocessed SSL/TLS handshake requests. A remote attacker able to\nconnect to a JSSE enabled service could send a specially crafted\nhandshake which would cause the Java Runtime Environment to stop\nresponding to future requests. (CVE-2007-3698)\n\nA flaw was found in the way the Java Runtime Environment processed\nfont data. An applet viewed via the 'appletviewer' application could\nelevate its privileges, allowing the applet to perform actions with\nthe same permissions as the user running the 'appletviewer'\napplication. The same flaw could, potentially, crash a server\napplication which processed untrusted font information from a third\nparty. (CVE-2007-4381)\n\nA flaw in the applet caching mechanism of the Java Runtime Environment\n(JRE) did not correctly process the creation of network connections. A\nremote attacker could use this flaw to create connections to services\non machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nUntrusted Java Applets were able to drag and drop files to a desktop\napplication. A user-assisted remote attacker could use this flaw to\nmove or copy arbitrary files. (CVE-2007-5239)\n\nThe Java Runtime Environment (JRE) allowed untrusted Java Applets or\napplications to display over-sized windows. This could be used by\nremote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a\nremote attacker to violate the Java security model. A cached,\nmalicious Applet could create network connections to services on other\nmachines. (CVE-2007-5273)\n\nPlease note: the vulnerabilities noted above concerned with applets\ncan only be triggered in java-1.4.2-bea by calling the 'appletviewer'\napplication.\n\nAll users of java-1.4.2-bea should upgrade to these updated packages,\nwhich contain the BEA WebLogic JRockit 1.4.2_16 release which resolves\nthese issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5273\"\n );\n # http://dev2dev.bea.com/pub/advisory/249\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?659e0990\"\n );\n # http://dev2dev.bea.com/pub/advisory/248\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e16bf0b7\"\n );\n # http://dev2dev.bea.com/pub/advisory/272\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7dd1a2b1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0100\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-missioncontrol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0100\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"java-1.4.2-bea-1.4.2.16-1jpp.1.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"java-1.4.2-bea-devel-1.4.2.16-1jpp.1.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"java-1.4.2-bea-jdbc-1.4.2.16-1jpp.1.el3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.4.2-bea-1.4.2.16-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.4.2-bea-devel-1.4.2.16-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.4.2-bea-jdbc-1.4.2.16-1jpp.1.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-1.4.2.16-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-demo-1.4.2.16-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-devel-1.4.2.16-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-jdbc-1.4.2.16-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-missioncontrol-1.4.2.16-1jpp.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-src-1.4.2.16-1jpp.1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.4.2-bea / java-1.4.2-bea-demo / java-1.4.2-bea-devel / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:57:28", "description": "Flaws in the JRE allowed an untrusted application or applet to elevate its privileges. This could be exploited by a remote attacker to access local files or execute local applications accessible to the user running the JRE (CVE-2008-1185, CVE-2008-1186)\n\nA flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nSeveral buffer overflow flaws were found in Java Web Start (JWS). An untrusted JNLP application could access local files or execute local applications accessible to the user running the JRE. (CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)\n\nA flaw was found in the Java Plug-in. A remote attacker could bypass the same origin policy, executing arbitrary code with the permissions of the user running the JRE. (CVE-2008-1192)\n\nA flaw was found in the JRE image parsing libraries. An untrusted application or applet could cause a denial of service, or possible execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted application or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe JRE allowed untrusted JavaScript code to create local network connections by the use of Java APIs. A remote attacker could use these flaws to access local network services. (CVE-2008-1195)\n\nA vulnerability was found in the Java Management Extensions (JMX) management agent, when local monitoring is enabled. This allowed remote attackers to perform illegal operations. (CVE-2008-3103)\n\nMultiple vulnerabilities with unsigned applets were reported. A remote attacker could misuse an unsigned applet to connect to localhost services running on the host running the applet. (CVE-2008-3104)\n\nA Java Runtime Environment (JRE) vulnerability could be triggered by an untrusted application or applet. A remote attacker could grant an untrusted applet extended privileges such as reading and writing local files, or executing local programs. (CVE-2008-3107)\n\nSeveral buffer overflow vulnerabilities in Java Web Start were reported. These vulnerabilities may allow an untrusted Java Web Start application to elevate its privileges and thereby grant itself permission to read and/or write local files, as well as to execute local applications accessible to the user running the untrusted application. (CVE-2008-3111)\n\nTwo file processing vulnerabilities in Java Web Start were found. A remote attacker, by means of an untrusted Java Web Start application, was able to create or delete arbitrary files with the permissions of the user running the untrusted application. (CVE-2008-3112, CVE-2008-3113)\n\nA vulnerability in Java Web Start when processing untrusted applications was reported. An attacker was able to acquire sensitive information, such as the cache location. (CVE-2008-3114)", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : java (jdk 1.5.0) on SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196", "CVE-2008-3103", "CVE-2008-3104", "CVE-2008-3107", "CVE-2008-3111", "CVE-2008-3112", "CVE-2008-3113", "CVE-2008-3114"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080714_JAVA__JDK_1_5_0__ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60440", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60440);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1185\", \"CVE-2008-1186\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1193\", \"CVE-2008-1194\", \"CVE-2008-1195\", \"CVE-2008-1196\", \"CVE-2008-3103\", \"CVE-2008-3104\", \"CVE-2008-3107\", \"CVE-2008-3111\", \"CVE-2008-3112\", \"CVE-2008-3113\", \"CVE-2008-3114\");\n\n script_name(english:\"Scientific Linux Security Update : java (jdk 1.5.0) on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Flaws in the JRE allowed an untrusted application or applet to elevate\nits privileges. This could be exploited by a remote attacker to access\nlocal files or execute local applications accessible to the user\nrunning the JRE (CVE-2008-1185, CVE-2008-1186)\n\nA flaw was found in the Java XSLT processing classes. An untrusted\napplication or applet could cause a denial of service, or execute\narbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nSeveral buffer overflow flaws were found in Java Web Start (JWS). An\nuntrusted JNLP application could access local files or execute local\napplications accessible to the user running the JRE. (CVE-2008-1188,\nCVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1196)\n\nA flaw was found in the Java Plug-in. A remote attacker could bypass\nthe same origin policy, executing arbitrary code with the permissions\nof the user running the JRE. (CVE-2008-1192)\n\nA flaw was found in the JRE image parsing libraries. An untrusted\napplication or applet could cause a denial of service, or possible\nexecute arbitrary code with the permissions of the user running the\nJRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted\napplication or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe JRE allowed untrusted JavaScript code to create local network\nconnections by the use of Java APIs. A remote attacker could use these\nflaws to access local network services. (CVE-2008-1195)\n\nA vulnerability was found in the Java Management Extensions (JMX)\nmanagement agent, when local monitoring is enabled. This allowed\nremote attackers to perform illegal operations. (CVE-2008-3103)\n\nMultiple vulnerabilities with unsigned applets were reported. A remote\nattacker could misuse an unsigned applet to connect to localhost\nservices running on the host running the applet. (CVE-2008-3104)\n\nA Java Runtime Environment (JRE) vulnerability could be triggered by\nan untrusted application or applet. A remote attacker could grant an\nuntrusted applet extended privileges such as reading and writing local\nfiles, or executing local programs. (CVE-2008-3107)\n\nSeveral buffer overflow vulnerabilities in Java Web Start were\nreported. These vulnerabilities may allow an untrusted Java Web Start\napplication to elevate its privileges and thereby grant itself\npermission to read and/or write local files, as well as to execute\nlocal applications accessible to the user running the untrusted\napplication. (CVE-2008-3111)\n\nTwo file processing vulnerabilities in Java Web Start were found. A\nremote attacker, by means of an untrusted Java Web Start application,\nwas able to create or delete arbitrary files with the permissions of\nthe user running the untrusted application. (CVE-2008-3112,\nCVE-2008-3113)\n\nA vulnerability in Java Web Start when processing untrusted\napplications was reported. An attacker was able to acquire sensitive\ninformation, such as the cache location. (CVE-2008-3114)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0807&L=scientific-linux-errata&T=0&P=3334\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c98a0e4a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1.5.0-sun-compat and / or jdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(20, 119, 200, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"java-1.5.0-sun-compat-1.5.0.16-1.1.sl.jpp\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"jdk-1.5.0_16-fcs\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"java-1.5.0-sun-compat-1.5.0.16-1.1.sl5.jpp\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jdk-1.5.0_16-fcs\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:57:45", "description": "NOTE: This combination of rpm's replaces j2sdk-1.4.2 with jdk-1.5.0.\nSo your java will change from version 1.4.2 to 1.5.0. We apologize if this causes any problems, but it needed to be done for security reasons.\n\nA flaw in the applet caching mechanism of the Java Runtime Environment (JRE) did not correctly process the creation of network connections. A remote attacker could use this flaw to create connections to services on machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nMultiple vulnerabilities existed in Java Web Start allowing an untrusted application to determine the location of the Java Web Start cache. (CVE-2007-5238)\n\nUntrusted Java Web Start Applications or Java Applets were able to drag and drop a file to a Desktop Application. A user-assisted remote attacker could use this flaw to move or copy arbitrary files.\n(CVE-2007-5239)\n\nThe Java Runtime Environment (JRE) allowed untrusted Java Applets or applications to display oversized Windows. This could be used by remote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a remote attacker to violate the Java security model. A cached, malicious Applet could create network connections to services on other machines. (CVE-2007-5273)\n\nUnsigned Applets loaded with Mozilla Firefox or Opera browsers allowed remote attackers to violate the Java security model. A cached, malicious Applet could create network connections to services on other machines. (CVE-2007-5274) The Javadoc tool was able to generate HTML documentation pages that contained cross-site scripting (XSS) vulnerabilities. A remote attacker could use this to inject arbitrary web script or HTML. (CVE-2007-3503)\n\nThe Java Web Start URL parsing component contained a buffer overflow vulnerability within the parsing code for JNLP files. A remote attacker could create a malicious JNLP file that could trigger this flaw and execute arbitrary code when opened. (CVE-2007-3655)\n\nThe JSSE component did not correctly process SSL/TLS handshake requests. A remote attacker who is able to connect to a JSSE-based service could trigger this flaw leading to a denial-of-service.\n(CVE-2007-3698)\n\nA flaw was found in the applet class loader. An untrusted applet could use this flaw to circumvent network access restrictions, possibly connecting to services hosted on the machine that executed the applet.\n(CVE-2007-3922)", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : jdk (java) on SL3.x, SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3503", "CVE-2007-3655", "CVE-2007-3698", "CVE-2007-3922", "CVE-2007-5232", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080114_JDK__JAVA__ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60344", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60344);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3503\", \"CVE-2007-3655\", \"CVE-2007-3698\", \"CVE-2007-3922\", \"CVE-2007-5232\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\");\n\n script_name(english:\"Scientific Linux Security Update : jdk (java) on SL3.x, SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NOTE: This combination of rpm's replaces j2sdk-1.4.2 with jdk-1.5.0.\nSo your java will change from version 1.4.2 to 1.5.0. We apologize if\nthis causes any problems, but it needed to be done for security\nreasons.\n\nA flaw in the applet caching mechanism of the Java Runtime Environment\n(JRE) did not correctly process the creation of network connections. A\nremote attacker could use this flaw to create connections to services\non machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nMultiple vulnerabilities existed in Java Web Start allowing an\nuntrusted application to determine the location of the Java Web Start\ncache. (CVE-2007-5238)\n\nUntrusted Java Web Start Applications or Java Applets were able to\ndrag and drop a file to a Desktop Application. A user-assisted remote\nattacker could use this flaw to move or copy arbitrary files.\n(CVE-2007-5239)\n\nThe Java Runtime Environment (JRE) allowed untrusted Java Applets or\napplications to display oversized Windows. This could be used by\nremote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a\nremote attacker to violate the Java security model. A cached,\nmalicious Applet could create network connections to services on other\nmachines. (CVE-2007-5273)\n\nUnsigned Applets loaded with Mozilla Firefox or Opera browsers allowed\nremote attackers to violate the Java security model. A cached,\nmalicious Applet could create network connections to services on other\nmachines. (CVE-2007-5274) The Javadoc tool was able to generate HTML\ndocumentation pages that contained cross-site scripting (XSS)\nvulnerabilities. A remote attacker could use this to inject arbitrary\nweb script or HTML. (CVE-2007-3503)\n\nThe Java Web Start URL parsing component contained a buffer overflow\nvulnerability within the parsing code for JNLP files. A remote\nattacker could create a malicious JNLP file that could trigger this\nflaw and execute arbitrary code when opened. (CVE-2007-3655)\n\nThe JSSE component did not correctly process SSL/TLS handshake\nrequests. A remote attacker who is able to connect to a JSSE-based\nservice could trigger this flaw leading to a denial-of-service.\n(CVE-2007-3698)\n\nA flaw was found in the applet class loader. An untrusted applet could\nuse this flaw to circumvent network access restrictions, possibly\nconnecting to services hosted on the machine that executed the applet.\n(CVE-2007-3922)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0801&L=scientific-linux-errata&T=0&P=852\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?36c7dc30\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected java-1.4.2-sun-compat, java-1.5.0-sun-compat and /\nor jdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"java-1.4.2-sun-compat-1.4.2.90-1jpp\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"java-1.5.0-sun-compat-1.5.0.14-1.sl.jpp\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"jdk-1.5.0_14-fcs\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"java-1.4.2-sun-compat-1.4.2.90-1jpp\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"java-1.5.0-sun-compat-1.5.0.14-1.sl4.jpp\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"jdk-1.5.0_14-fcs\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:57:45", "description": "A flaw in the applet caching mechanism of the Java Runtime Environment (JRE) did not correctly process the creation of network connections. A remote attacker could use this flaw to create connections to services on machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nMultiple vulnerabilities existed in Java Web Start allowing an untrusted application to determine the location of the Java Web Start cache. (CVE-2007-5238)\n\nUntrusted Java Web Start Applications or Java Applets were able to drag and drop a file to a Desktop Application. A user-assisted remote attacker could use this flaw to move or copy arbitrary files.\n(CVE-2007-5239)\n\nThe Java Runtime Environment (JRE) allowed untrusted Java Applets or applications to display oversized Windows. This could be used by remote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a remote attacker to violate the Java security model. A cached, malicious Applet could create network connections to services on other machines. (CVE-2007-5273)\n\nUnsigned Applets loaded with Mozilla Firefox or Opera browsers allowed remote attackers to violate the Java security model. A cached, malicious Applet could create network connections to services on other machines. (CVE-2007-5274) The Javadoc tool was able to generate HTML documentation pages that contained cross-site scripting (XSS) vulnerabilities. A remote attacker could use this to inject arbitrary web script or HTML. (CVE-2007-3503)\n\nThe Java Web Start URL parsing component contained a buffer overflow vulnerability within the parsing code for JNLP files. A remote attacker could create a malicious JNLP file that could trigger this flaw and execute arbitrary code when opened. (CVE-2007-3655)\n\nThe JSSE component did not correctly process SSL/TLS handshake requests. A remote attacker who is able to connect to a JSSE-based service could trigger this flaw leading to a denial-of-service.\n(CVE-2007-3698)\n\nA flaw was found in the applet class loader. An untrusted applet could use this flaw to circumvent network access restrictions, possibly connecting to services hosted on the machine that executed the applet.\n(CVE-2007-3922)\n\nNOTE: These packages have been tested to not remove newer jdks (such as 1.6 or 1.7)", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : jdk (java) on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3503", "CVE-2007-3655", "CVE-2007-3698", "CVE-2007-3922", "CVE-2007-5232", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20071128_JDK__JAVA__ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60316", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60316);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3503\", \"CVE-2007-3655\", \"CVE-2007-3698\", \"CVE-2007-3922\", \"CVE-2007-5232\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\");\n\n script_name(english:\"Scientific Linux Security Update : jdk (java) on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw in the applet caching mechanism of the Java Runtime Environment\n(JRE) did not correctly process the creation of network connections. A\nremote attacker could use this flaw to create connections to services\non machines other than the one that the applet was downloaded from.\n(CVE-2007-5232)\n\nMultiple vulnerabilities existed in Java Web Start allowing an\nuntrusted application to determine the location of the Java Web Start\ncache. (CVE-2007-5238)\n\nUntrusted Java Web Start Applications or Java Applets were able to\ndrag and drop a file to a Desktop Application. A user-assisted remote\nattacker could use this flaw to move or copy arbitrary files.\n(CVE-2007-5239)\n\nThe Java Runtime Environment (JRE) allowed untrusted Java Applets or\napplications to display oversized Windows. This could be used by\nremote attackers to hide security warning banners. (CVE-2007-5240)\n\nUnsigned Java Applets communicating via a HTTP proxy could allow a\nremote attacker to violate the Java security model. A cached,\nmalicious Applet could create network connections to services on other\nmachines. (CVE-2007-5273)\n\nUnsigned Applets loaded with Mozilla Firefox or Opera browsers allowed\nremote attackers to violate the Java security model. A cached,\nmalicious Applet could create network connections to services on other\nmachines. (CVE-2007-5274) The Javadoc tool was able to generate HTML\ndocumentation pages that contained cross-site scripting (XSS)\nvulnerabilities. A remote attacker could use this to inject arbitrary\nweb script or HTML. (CVE-2007-3503)\n\nThe Java Web Start URL parsing component contained a buffer overflow\nvulnerability within the parsing code for JNLP files. A remote\nattacker could create a malicious JNLP file that could trigger this\nflaw and execute arbitrary code when opened. (CVE-2007-3655)\n\nThe JSSE component did not correctly process SSL/TLS handshake\nrequests. A remote attacker who is able to connect to a JSSE-based\nservice could trigger this flaw leading to a denial-of-service.\n(CVE-2007-3698)\n\nA flaw was found in the applet class loader. An untrusted applet could\nuse this flaw to circumvent network access restrictions, possibly\nconnecting to services hosted on the machine that executed the applet.\n(CVE-2007-3922)\n\nNOTE: These packages have been tested to not remove newer jdks (such\nas 1.6 or 1.7)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0711&L=scientific-linux-errata&T=0&P=4571\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eda02392\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1.5.0-sun-compat and / or jdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"java-1.5.0-sun-compat-1.5.0.14-1jpp\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jdk-1.5.0_14-fcs\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:55:59", "description": "Updated java-1.6.0-bea packages that correct several security issues are now available for Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.6.0_03 JRE and SDK contain BEA WebLogic JRockit Virtual Machine 1.6.0_03, and are certified for the Java 6 Platform, Standard Edition, v1.6.0.\n\nThe Java XML parsing code processed external entity references even when the 'external general entities' property was set to 'FALSE'. This allowed remote attackers to conduct XML External Entity (XXE) attacks, possibly causing a denial of service, or gaining access to restricted resources. (CVE-2008-0628)\n\nA flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nA flaw was found in the JRE image parsing libraries. An untrusted application or applet could cause a denial of service, or possible execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted application or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe vulnerabilities concerning applets listed above can only be triggered in java-1.6.0-bea, by calling the 'appletviewer' application.\n\nUsers of java-1.6.0-bea are advised to upgrade to these updated packages, which resolve these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 : java-1.6.0-bea (RHSA-2008:0245)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0628", "CVE-2008-1187", "CVE-2008-1193", "CVE-2008-1194"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea-missioncontrol", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea-src", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0245.NASL", "href": "https://www.tenable.com/plugins/nessus/63852", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0245. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63852);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0628\", \"CVE-2008-1187\", \"CVE-2008-1193\", \"CVE-2008-1194\");\n script_xref(name:\"RHSA\", value:\"2008:0245\");\n\n script_name(english:\"RHEL 5 : java-1.6.0-bea (RHSA-2008:0245)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.6.0-bea packages that correct several security issues\nare now available for Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.6.0_03 JRE and SDK contain BEA WebLogic\nJRockit Virtual Machine 1.6.0_03, and are certified for the Java 6\nPlatform, Standard Edition, v1.6.0.\n\nThe Java XML parsing code processed external entity references even\nwhen the 'external general entities' property was set to 'FALSE'. This\nallowed remote attackers to conduct XML External Entity (XXE) attacks,\npossibly causing a denial of service, or gaining access to restricted\nresources. (CVE-2008-0628)\n\nA flaw was found in the Java XSLT processing classes. An untrusted\napplication or applet could cause a denial of service, or execute\narbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nA flaw was found in the JRE image parsing libraries. An untrusted\napplication or applet could cause a denial of service, or possible\nexecute arbitrary code with the permissions of the user running the\nJRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted\napplication or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe vulnerabilities concerning applets listed above can only be\ntriggered in java-1.6.0-bea, by calling the 'appletviewer'\napplication.\n\nUsers of java-1.6.0-bea are advised to upgrade to these updated\npackages, which resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0628\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1194\"\n );\n # http://dev2dev.bea.com/pub/advisory/277\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7cd88e8d\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0245\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea-missioncontrol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-bea-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0245\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.6.0-bea-1.6.0.03-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-bea-1.6.0.03-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.6.0-bea-demo-1.6.0.03-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-bea-demo-1.6.0.03-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.6.0-bea-devel-1.6.0.03-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-bea-devel-1.6.0.03-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.6.0-bea-jdbc-1.6.0.03-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-bea-jdbc-1.6.0.03-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.6.0-bea-missioncontrol-1.6.0.03-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-bea-missioncontrol-1.6.0.03-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.6.0-bea-src-1.6.0.03-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-bea-src-1.6.0.03-1jpp.2.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-bea / java-1.6.0-bea-demo / java-1.6.0-bea-devel / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:12:01", "description": "The IBM Java JRE/SDK has been brought to release 1.5.0 SR6, containing several bugfixes, including the following security fixes :\n\n - A vulnerability in the Java Runtime Environment (JRE) with applet caching may allow an untrusted applet that is downloaded from a malicious website to make network connections to network services on machines other than the one that the applet was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited. (CVE-2007-5232)\n\n - A vulnerability in the Java Runtime Environment (JRE) may allow malicious JavaScript code that is downloaded by a browser from a malicious website to make network connections, through Java APIs, to network services on machines other than the one that the JavaScript code was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited. (CVE-2007-5274)\n\n - A second vulnerability in the JRE may allow an untrusted applet that is downloaded from a malicious website through a web proxy to make network connections to network services on machines other than the one that the applet was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited.\n (CVE-2007-5273)\n\n - An untrusted Java Web Start application may write arbitrary files with the privileges of the user running the application. (CVE-2007-5236)\n\n - Three separate vulnerabilities may allow an untrusted Java Web Start application to determine the location of the Java Web Start cache. (CVE-2007-5238)\n\n - An untrusted Java Web Start application or Java applet may move or copy arbitrary files by requesting the user of the application or applet to drag and drop a file from the Java Web Start application or Java applet window. (CVE-2007-5239)\n\n - An untrusted applet may display an over-sized window so that the applet warning banner is not visible to the user running the untrusted applet. CVE-2007-4381: A vulnerability in the font parsing code in the Java Runtime Environment may allow an untrusted applet to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2007-5240)\n\n - The Java Secure Socket Extension (JSSE) that is included in various releases of the Java Runtime Environment does not correctly process SSL/TLS handshake requests. This vulnerability may be exploited to create a Denial of Service (DoS) condition to the system as a whole on a server that listens for SSL/TLS connections using JSSE for SSL/TLS support. (CVE-2007-3698)\n\nFor more information see:\nhttp://www-128.ibm.com/developerworks/java/jdk/alerts/\n\nAdditionally a concurrency bug has been fixed (Novell Bug 330713).", "cvss3": {"score": null, "vector": null}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : java-1_5_0-ibm (ZYPP Patch Number 4687)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3698", "CVE-2007-4381", "CVE-2007-5232", "CVE-2007-5236", "CVE-2007-5238", "CVE-2007-5239", "CVE-2007-5240", "CVE-2007-5273", "CVE-2007-5274"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_JAVA-1_5_0-IBM-4687.NASL", "href": "https://www.tenable.com/plugins/nessus/29476", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29476);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3698\", \"CVE-2007-4381\", \"CVE-2007-5232\", \"CVE-2007-5236\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\");\n\n script_name(english:\"SuSE 10 Security Update : java-1_5_0-ibm (ZYPP Patch Number 4687)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The IBM Java JRE/SDK has been brought to release 1.5.0 SR6, containing\nseveral bugfixes, including the following security fixes :\n\n - A vulnerability in the Java Runtime Environment (JRE)\n with applet caching may allow an untrusted applet that\n is downloaded from a malicious website to make network\n connections to network services on machines other than\n the one that the applet was downloaded from. This may\n allow network resources (such as web pages) and\n vulnerabilities (that exist on these network services)\n which are not otherwise normally accessible to be\n accessed or exploited. (CVE-2007-5232)\n\n - A vulnerability in the Java Runtime Environment (JRE)\n may allow malicious JavaScript code that is downloaded\n by a browser from a malicious website to make network\n connections, through Java APIs, to network services on\n machines other than the one that the JavaScript code was\n downloaded from. This may allow network resources (such\n as web pages) and vulnerabilities (that exist on these\n network services) which are not otherwise normally\n accessible to be accessed or exploited. (CVE-2007-5274)\n\n - A second vulnerability in the JRE may allow an untrusted\n applet that is downloaded from a malicious website\n through a web proxy to make network connections to\n network services on machines other than the one that the\n applet was downloaded from. This may allow network\n resources (such as web pages) and vulnerabilities (that\n exist on these network services) which are not otherwise\n normally accessible to be accessed or exploited.\n (CVE-2007-5273)\n\n - An untrusted Java Web Start application may write\n arbitrary files with the privileges of the user running\n the application. (CVE-2007-5236)\n\n - Three separate vulnerabilities may allow an untrusted\n Java Web Start application to determine the location of\n the Java Web Start cache. (CVE-2007-5238)\n\n - An untrusted Java Web Start application or Java applet\n may move or copy arbitrary files by requesting the user\n of the application or applet to drag and drop a file\n from the Java Web Start application or Java applet\n window. (CVE-2007-5239)\n\n - An untrusted applet may display an over-sized window so\n that the applet warning banner is not visible to the\n user running the untrusted applet. CVE-2007-4381: A\n vulnerability in the font parsing code in the Java\n Runtime Environment may allow an untrusted applet to\n elevate its privileges. For example, an applet may grant\n itself permissions to read and write local files or\n execute local applications that are accessible to the\n user running the untrusted applet. (CVE-2007-5240)\n\n - The Java Secure Socket Extension (JSSE) that is included\n in various releases of the Java Runtime Environment does\n not correctly process SSL/TLS handshake requests. This\n vulnerability may be exploited to create a Denial of\n Service (DoS) condition to the system as a whole on a\n server that listens for SSL/TLS connections using JSSE\n for SSL/TLS support. (CVE-2007-3698)\n\nFor more information see:\nhttp://www-128.ibm.com/developerworks/java/jdk/alerts/\n\nAdditionally a concurrency bug has been fixed (Novell Bug 330713).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3698.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4381.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5232.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5236.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5238.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5239.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5240.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5273.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5274.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4687.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-demo-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-devel-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-src-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-alsa-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-jdbc-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-plugin-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-32bit-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-alsa-32bit-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-devel-32bit-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_5_0-ibm-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_5_0-ibm-devel-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_5_0-ibm-fonts-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-alsa-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-jdbc-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-plugin-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-32bit-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-alsa-32bit-1.5.0_sr6-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-devel-32bit-1.5.0_sr6-0.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:59", "description": "The remote host is affected by the vulnerability described in GLSA-200705-23 (Sun JDK/JRE: Multiple vulnerabilities)\n\n An unspecified vulnerability involving an 'incorrect use of system classes' was reported by the Fujitsu security team. Additionally, Chris Evans from the Google Security Team reported an integer overflow resulting in a buffer overflow in the ICC parser used with JPG or BMP files, and an incorrect open() call to /dev/tty when processing certain BMP files.\n Impact :\n\n A remote attacker could entice a user to run a specially crafted Java class or applet that will trigger one of the vulnerabilities. This could lead to the execution of arbitrary code outside of the Java sandbox and of the Java security restrictions, or crash the Java application or the browser.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2007-06-04T00:00:00", "type": "nessus", "title": "GLSA-200705-23 : Sun JDK/JRE: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2435", "CVE-2007-2788", "CVE-2007-2789"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:sun-jdk", "p-cpe:/a:gentoo:linux:sun-jre-bin", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200705-23.NASL", "href": "https://www.tenable.com/plugins/nessus/25382", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200705-23.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25382);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-2435\", \"CVE-2007-2788\", \"CVE-2007-2789\");\n script_xref(name:\"GLSA\", value:\"200705-23\");\n\n script_name(english:\"GLSA-200705-23 : Sun JDK/JRE: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200705-23\n(Sun JDK/JRE: Multiple vulnerabilities)\n\n An unspecified vulnerability involving an 'incorrect use of system\n classes' was reported by the Fujitsu security team. Additionally, Chris\n Evans from the Google Security Team reported an integer overflow\n resulting in a buffer overflow in the ICC parser used with JPG or BMP\n files, and an incorrect open() call to /dev/tty when processing certain\n BMP files.\n \nImpact :\n\n A remote attacker could entice a user to run a specially crafted Java\n class or applet that will trigger one of the vulnerabilities. This\n could lead to the execution of arbitrary code outside of the Java\n sandbox and of the Java security restrictions, or crash the Java\n application or the browser.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200705-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Sun Java Development Kit users should upgrade to the latest\n version:\n # emerge --sync\n # emerge --ask --oneshot --verbose 'dev-java/sun-jdk'\n All Sun Java Runtime Environment users should upgrade to the latest\n version:\n # emerge --sync\n # emerge --ask --oneshot --verbose 'dev-java/sun-jre-bin'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sun-jdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sun-jre-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/06/04\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-java/sun-jre-bin\", unaffected:make_list(\"ge 1.6.0.01\", \"rge 1.5.0.16\", \"rge 1.5.0.15\", \"rge 1.5.0.12\", \"rge 1.5.0.11\", \"rge 1.4.2.18\", \"rge 1.4.2.17\", \"rge 1.4.2.15\", \"rge 1.4.2.14\", \"rge 1.4.2.19\", \"rge 1.5.0.17\", \"rge 1.5.0.18\"), vulnerable:make_list(\"lt 1.6.0.01\"))) flag++;\nif (qpkg_check(package:\"dev-java/sun-jdk\", unaffected:make_list(\"ge 1.5.0.11\", \"rge 1.4.2.14\", \"rge 1.4.2.15\", \"rge 1.4.2.19\"), vulnerable:make_list(\"lt 1.5.0.11\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Sun JDK/JRE\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:13:47", "description": "The remote host is affected by the vulnerability described in GLSA-200706-08 (emul-linux-x86-java: Multiple vulnerabilities)\n\n Chris Evans of the Google Security Team has discovered an integer overflow in the ICC parser, and another vulnerability in the BMP parser. An unspecified vulnerability involving an 'incorrect use of system classes' was reported by the Fujitsu security team.\n Impact :\n\n A remote attacker could entice a user to open a specially crafted image, possibly resulting in the execution of arbitrary code with the privileges of the user running Emul-linux-x86-java. They also could entice a user to open a specially crafted BMP image, resulting in a Denial of Service. Note that these vulnerabilities may also be triggered by a tool processing image files automatically.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2007-06-27T00:00:00", "type": "nessus", "title": "GLSA-200706-08 : emul-linux-x86-java: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2435", "CVE-2007-2788", "CVE-2007-2789"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:emul-linux-x86-java", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200706-08.NASL", "href": "https://www.tenable.com/plugins/nessus/25593", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200706-08.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25593);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-2435\", \"CVE-2007-2788\", \"CVE-2007-2789\");\n script_xref(name:\"GLSA\", value:\"200706-08\");\n\n script_name(english:\"GLSA-200706-08 : emul-linux-x86-java: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200706-08\n(emul-linux-x86-java: Multiple vulnerabilities)\n\n Chris Evans of the Google Security Team has discovered an integer\n overflow in the ICC parser, and another vulnerability in the BMP\n parser. An unspecified vulnerability involving an 'incorrect use of\n system classes' was reported by the Fujitsu security team.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted\n image, possibly resulting in the execution of arbitrary code with the\n privileges of the user running Emul-linux-x86-java. They also could\n entice a user to open a specially crafted BMP image, resulting in a\n Denial of Service. Note that these vulnerabilities may also be\n triggered by a tool processing image files automatically.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200706-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Emul-linux-x86-java users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/emul-linux-x86-java-1.5.0.11'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:emul-linux-x86-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/06/27\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-emulation/emul-linux-x86-java\", unaffected:make_list(\"ge 1.5.0.11\", \"rge 1.4.2.16\", \"rge 1.4.2.17\", \"rge 1.4.2.19\"), vulnerable:make_list(\"lt 1.5.0.11\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"emul-linux-x86-java\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:07:02", "description": "Updated java-1.5.0-bea packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.5.0_14 JRE and SDK contain BEA WebLogic JRockit Virtual Machine 1.5.0_14, and are certified for the Java 5 Platform, Standard Edition, v1.5.0.\n\nA flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nA flaw was found in the JRE image parsing libraries. An untrusted application or applet could cause a denial of service, or possibly execute arbitrary code with the permissions of the user running the JRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted application or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe vulnerabilities concerning applets listed above can only be triggered in java-1.5.0-bea, by calling the 'appletviewer' application.\n\nUsers of java-1.5.0-bea are advised to upgrade to these updated packages, which resolve these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : java-1.5.0-bea (RHSA-2008:0244)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1187", "CVE-2008-1193", "CVE-2008-1194"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-missioncontrol", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-src", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0244.NASL", "href": "https://www.tenable.com/plugins/nessus/40721", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0244. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40721);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1187\", \"CVE-2008-1193\", \"CVE-2008-1194\");\n script_bugtraq_id(28083, 28125);\n script_xref(name:\"RHSA\", value:\"2008:0244\");\n\n script_name(english:\"RHEL 4 / 5 : java-1.5.0-bea (RHSA-2008:0244)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.5.0-bea packages that correct several security issues\nare now available for Red Hat Enterprise Linux 4 Extras and 5\nSupplementary.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.5.0_14 JRE and SDK contain BEA WebLogic\nJRockit Virtual Machine 1.5.0_14, and are certified for the Java 5\nPlatform, Standard Edition, v1.5.0.\n\nA flaw was found in the Java XSLT processing classes. An untrusted\napplication or applet could cause a denial of service, or execute\narbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nA flaw was found in the JRE image parsing libraries. An untrusted\napplication or applet could cause a denial of service, or possibly\nexecute arbitrary code with the permissions of the user running the\nJRE. (CVE-2008-1193)\n\nA flaw was found in the JRE color management library. An untrusted\napplication or applet could trigger a denial of service (JVM crash).\n(CVE-2008-1194)\n\nThe vulnerabilities concerning applets listed above can only be\ntriggered in java-1.5.0-bea, by calling the 'appletviewer'\napplication.\n\nUsers of java-1.5.0-bea are advised to upgrade to these updated\npackages, which resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1194\"\n );\n # http://dev2dev.bea.com/pub/advisory/277\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7cd88e8d\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0244\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-missioncontrol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-bea-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0244\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.5.0-bea-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.5.0-bea-demo-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-demo-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.5.0-bea-devel-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-devel-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.5.0-bea-jdbc-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-jdbc-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.5.0-bea-src-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-src-1.5.0.14-1jpp.2.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-demo-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-demo-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-devel-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-devel-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-jdbc-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-jdbc-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-missioncontrol-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-missioncontrol-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.5.0-bea-src-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-bea-src-1.5.0.14-1jpp.2.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.5.0-bea / java-1.5.0-bea-demo / java-1.5.0-bea-devel / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:09:55", "description": "This update of IBM Java to 1.4.2 SR11 fixes various security problems :\n\n - Stack-based buffer overflow in Java Web Start (javaws.exe) allows remote attackers to execute arbitrary code via a crafted JNLP file. (CVE-2008-1196)\n\n - Unspecified vulnerability in the Java Runtime Environment (JRE) allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms. (CVE-2008-1187)\n\n - Visual truncation vulnerability in the Java Runtime Environment allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen.\n (CVE-2007-5240)", "cvss3": {"score": null, "vector": null}, "published": "2008-08-22T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 5465)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5240", "CVE-2008-1187", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_JAVA-1_4_2-IBM-5465.NASL", "href": "https://www.tenable.com/plugins/nessus/34024", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34024);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5240\", \"CVE-2008-1187\", \"CVE-2008-1196\");\n\n script_name(english:\"SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 5465)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of IBM Java to 1.4.2 SR11 fixes various security \nproblems :\n\n - Stack-based buffer overflow in Java Web Start\n (javaws.exe) allows remote attackers to execute\n arbitrary code via a crafted JNLP file. (CVE-2008-1196)\n\n - Unspecified vulnerability in the Java Runtime\n Environment (JRE) allows remote attackers to cause a\n denial of service (JRE crash) and possibly execute\n arbitrary code via unknown vectors related to XSLT\n transforms. (CVE-2008-1187)\n\n - Visual truncation vulnerability in the Java Runtime\n Environment allows remote attackers to circumvent\n display of the untrusted-code warning banner by creating\n a window larger than the workstation screen.\n (CVE-2007-5240)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5240.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1187.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1196.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5465.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-ibm-1.4.2_sr11-0.6\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-ibm-devel-1.4.2_sr11-0.6\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_4_2-ibm-jdbc-1.4.2_sr11-0.6\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_4_2-ibm-plugin-1.4.2_sr11-0.6\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"java-1_4_2-ibm-1.4.2_sr11-0.6\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"java-1_4_2-ibm-devel-1.4.2_sr11-0.6\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"java-1_4_2-ibm-jdbc-1.4.2_sr11-0.6\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"java-1_4_2-ibm-plugin-1.4.2_sr11-0.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:51", "description": "This update of IBM Java to 1.4.2 SR11 fixes various security problems :\n\n - Stack-based buffer overflow in Java Web Start (javaws.exe) allows remote attackers to execute arbitrary code via a crafted JNLP file. (CVE-2008-1196)\n\n - Unspecified vulnerability in the Java Runtime Environment (JRE) allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms. (CVE-2008-1187)\n\n - Visual truncation vulnerability in the Java Runtime Environment allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen.\n (CVE-2007-5240)", "cvss3": {"score": null, "vector": null}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : IBM Java2 JRE and SDK (YOU Patch Number 12210)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5240", "CVE-2008-1187", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12210.NASL", "href": "https://www.tenable.com/plugins/nessus/41226", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41226);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5240\", \"CVE-2008-1187\", \"CVE-2008-1196\");\n\n script_name(english:\"SuSE9 Security Update : IBM Java2 JRE and SDK (YOU Patch Number 12210)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of IBM Java to 1.4.2 SR11 fixes various security problems\n:\n\n - Stack-based buffer overflow in Java Web Start\n (javaws.exe) allows remote attackers to execute\n arbitrary code via a crafted JNLP file. (CVE-2008-1196)\n\n - Unspecified vulnerability in the Java Runtime\n Environment (JRE) allows remote attackers to cause a\n denial of service (JRE crash) and possibly execute\n arbitrary code via unknown vectors related to XSLT\n transforms. (CVE-2008-1187)\n\n - Visual truncation vulnerability in the Java Runtime\n Environment allows remote attackers to circumvent\n display of the untrusted-code warning banner by creating\n a window larger than the workstation screen.\n (CVE-2007-5240)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-5240.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1187.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1196.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12210.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"IBMJava2-JRE-1.4.2-0.122\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"IBMJava2-SDK-1.4.2-0.122\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"IBMJava2-JRE-1.4.2-0.123\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"IBMJava2-SDK-1.4.2-0.123\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-30T18:48:35", "description": "The remote Mac OS X 10.4 host is running a version of Java for Mac OS X that is older than release 7.\n\nThe remote version of this software contains several security vulnerabilities which may allow a rogue java applet to execute arbitrary code on the remote host.\n\nTo exploit these flaws, an attacker would need to lure an attacker into executing a rogue Java applet.", "cvss3": {"score": null, "vector": null}, "published": "2008-09-25T00:00:00", "type": "nessus", "title": "Mac OS X : Java for Mac OS X 10.4 Release 7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196", "CVE-2008-3103", "CVE-2008-3104", "CVE-2008-3105", "CVE-2008-3106", "CVE-2008-3107", "CVE-2008-3108", "CVE-2008-3109", "CVE-2008-3110", "CVE-2008-3111", "CVE-2008-3112", "CVE-2008-3113", "CVE-2008-3114", "CVE-2008-3115", "CVE-2008-3637", "CVE-2008-3638"], "modified": "2022-06-29T00:00:00", "cpe": [], "id": "MACOSX_JAVA_REL7.NASL", "href": "https://www.tenable.com/plugins/nessus/34291", "sourceData": "#TRUSTED 1313e066f65fffc5ebbd319d5463cf2ec3f631e255c76def260cb06f7dedeceb8fc567ed66b8ef6283aff373fc4195030ae90d2d766acbaaa402387789e922879ecac98388021b6462403fa5148bc1cb2fa06d10c3187ee2040c1970ec4385341e7d9511dc819105eb78efe2a76c4758fdc0ea24d841b866b5b044f7b9855c90b363e4e941fdb301a29a586dac2786ba7bc66fe0f7f0e63cc3251de29064d97d38ee58c1713ee85f6b842ed64fb9b7a95c9fa3a93b5d996b599195f9a1a456e7bc5569cab5abe65e512a27a2be174c93f01e8b786554719d85c817df9e2e6441cdd29363396c8d982515dd441832a34b27d84e87c07ea48f479c2e0f69850056dd6120fb796d359740c9eea03099d8053966a831c253e1c13bc79f994a65911d4d730e94cd0eba1e4f0fdd5780bfb5a8d9570b2732937f139df488357d082193b7149bfe362a92e786e9990730148526dadecf9dd3db7084024d4b894782b09b31dcfb49c05506f170c75d2beb19151df5e29c08fa6bcb96c66c09ff38b96d59bc9035d69e8283507dd1368ca8ac177c4e082d6163c558fd4988950d988585a87e85a6f8c34b0188b5c0712b72d3461ea4079d04d487509d42a01ab688be5b8dd51272ffe491d9d7174640626b92e6896b2e3eb30764df073e5568df1979516ecd2373f4b3a2b82bca87515c6a7c45d9abd82019c5b1c9bb397451fc74933add\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(34291);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/29\");\n\n script_cve_id(\n \"CVE-2008-1185\",\n \"CVE-2008-1186\",\n \"CVE-2008-1187\",\n \"CVE-2008-1188\",\n \"CVE-2008-1189\",\n \"CVE-2008-1190\",\n \"CVE-2008-1191\",\n \"CVE-2008-1192\",\n \"CVE-2008-1193\",\n \"CVE-2008-1194\",\n \"CVE-2008-1195\",\n \"CVE-2008-1196\",\n \"CVE-2008-3103\",\n \"CVE-2008-3104\",\n \"CVE-2008-3105\",\n \"CVE-2008-3106\",\n \"CVE-2008-3107\",\n \"CVE-2008-3108\",\n \"CVE-2008-3109\",\n \"CVE-2008-3110\",\n \"CVE-2008-3111\",\n \"CVE-2008-3112\",\n \"CVE-2008-3113\",\n \"CVE-2008-3114\",\n \"CVE-2008-3115\",\n \"CVE-2008-3637\",\n \"CVE-2008-3638\"\n );\n script_bugtraq_id(28125, 30144, 30146, 31379, 31380);\n\n script_name(english:\"Mac OS X : Java for Mac OS X 10.4 Release 7\");\n script_summary(english:\"Check for Java Release 7 on Mac OS X 10.4\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Mac OS X 10.4 host is running a version of Java for Mac OS X\nthat is older than release 7.\n\nThe remote version of this software contains several security\nvulnerabilities which may allow a rogue java applet to execute arbitrary\ncode on the remote host.\n\nTo exploit these flaws, an attacker would need to lure an attacker into\nexecuting a rogue Java applet.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT3178\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2008/Sep/msg00008.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Java for Mac OS X 10.4 release 7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2008-2022 Tenable Network Security, Inc.\");\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\");\n exit(0);\n}\n\n\ninclude(\"misc_func.inc\");\ninclude(\"ssh_func.inc\");\ninclude(\"macosx_func.inc\");\n\n\nif(sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS ||\n get_one_kb_item('HostLevelChecks/proto') == 'local')\n enable_ssh_wrappers();\nelse disable_ssh_wrappers();\n\nfunction exec(cmd)\n{\n local_var ret, buf;\n\n if ( islocalhost() )\n buf = pread(cmd:\"/bin/bash\", argv:make_list(\"bash\", \"-c\", cmd));\n else\n {\n ret = ssh_open_connection();\n if ( ! ret ) exit(0);\n buf = ssh_cmd(cmd:cmd);\n ssh_close_connection();\n }\n\n if ( buf !~ \"^[0-9]\" ) exit(0);\n\n buf = chomp(buf);\n return buf;\n}\n\n\npackages = get_kb_item(\"Host/MacOSX/packages\");\nif ( ! packages ) exit(0);\n\nuname = get_kb_item(\"Host/uname\");\n# Mac OS X 10.4.11 only\nif ( egrep(pattern:\"Darwin.* 8\\.11\\.\", string:uname) )\n{\n cmd = _GetBundleVersionCmd(file:\"JavaPluginCocoa.bundle\", path:\"/Library/Internet Plug-Ins\", label:\"CFBundleVersion\");\n buf = exec(cmd:cmd);\n if ( ! strlen(buf) ) exit(0);\n array = split(buf, sep:'.', keep:FALSE);\n # Fixed in version 11.8.0\n if ( int(array[0]) < 11 ||\n (int(array[0]) == 11 && int(array[1]) < 8 ) )\n {\n security_hole(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-30T18:48:40", "description": "The remote Mac OS X 10.5 host is running a version of Java for Mac OS X that is missing update 2.\n\nThe remote version of this software contains several security vulnerabilities that may allow a rogue Java applet to execute arbitrary code on the remote host.\n\nTo exploit these flaws, an attacker would need to lure an attacker into executing a rogue Java applet.", "cvss3": {"score": null, "vector": null}, "published": "2008-09-25T00:00:00", "type": "nessus", "title": "Mac OS X : Java for Mac OS X 10.5 Update 2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1185", "CVE-2008-1186", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1189", "CVE-2008-1190", "CVE-2008-1191", "CVE-2008-1192", "CVE-2008-1193", "CVE-2008-1194", "CVE-2008-1195", "CVE-2008-1196", "CVE-2008-3103", "CVE-2008-3104", "CVE-2008-3105", "CVE-2008-3106", "CVE-2008-3107", "CVE-2008-3108", "CVE-2008-3109", "CVE-2008-3110", "CVE-2008-3111", "CVE-2008-3112", "CVE-2008-3113", "CVE-2008-3114", "CVE-2008-3115", "CVE-2008-3637", "CVE-2008-3638"], "modified": "2022-06-29T00:00:00", "cpe": [], "id": "MACOSX_JAVA_10_5_UPDATE2.NASL", "href": "https://www.tenable.com/plugins/nessus/34290", "sourceData": "#TRUSTED 3f7bc9396cdf52a16b3f2405330a3df418f293e1c81d20e4636d5b03fbbab330b0c81102fcdd99d64ee6317dc2bb7af6d599ab48be8905a01d75269047faf0dc1b4ce90e1f26f53062196b259b1e6576dac4048384077109bf3e7c0e461a9d3eed0be19017789949e217adbf8fdc8643e1662103dea73c9ccca9d1b6150006e0c3399ee873da9580f10297902131fca48d549edf121b60b1069f6a05976f43593b09a89ef279e25edf36189a17e5f1a2b3312a03acff61a36606022d4c866d4759de7c8eaf120fabe793c132f55f17dfd01e94cb31030588f36939a02d152b01a5fd558e2d6737c97325a436f3ba1c1e8fbc266d587a4e98b150c6852f878f3aec4f71e5ece13549850185f718ff5dc869cc0be1496821dac41d99261d95636cd72c2a0d4cf22255e29f546c2e6b8085db99257cb1a530e5543a127b4469ced58003f2a47099be50723cba24c77caf3f4694e8a86dc21832023d4e84202c135abeb6cb28bc84fc9af4ae06d61ad036305f704015a2b453c997ac5909dc1cc36915ce67c7192b97a379eca61d2d0beb12556b04edfda6f850631b79c74e74899def296b193c74f223a9f8c63d65e737603317ef52bd138e58addc3f6edf13bfae4d938f10662ec075b0d2e4e5b70b98fbd1140ab2026e481ef46c66f8677d34cffe0eb90bce2e764cfac8b016eca3ca2a6bacba7819af5271e046b3fc487337be\n#\n# (C) Tenable Network Security, Inc.\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(34290);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/29\");\n\n script_cve_id(\n \"CVE-2008-1185\",\n \"CVE-2008-1186\",\n \"CVE-2008-1187\",\n \"CVE-2008-1188\",\n \"CVE-2008-1189\",\n \"CVE-2008-1190\",\n \"CVE-2008-1191\",\n \"CVE-2008-1192\",\n \"CVE-2008-1193\",\n \"CVE-2008-1194\",\n \"CVE-2008-1195\",\n \"CVE-2008-1196\",\n \"CVE-2008-3103\",\n \"CVE-2008-3104\",\n \"CVE-2008-3105\",\n \"CVE-2008-3106\",\n \"CVE-2008-3107\",\n \"CVE-2008-3108\",\n \"CVE-2008-3109\",\n \"CVE-2008-3110\",\n \"CVE-2008-3111\",\n \"CVE-2008-3112\",\n \"CVE-2008-3113\",\n \"CVE-2008-3114\",\n \"CVE-2008-3115\",\n \"CVE-2008-3637\",\n \"CVE-2008-3638\"\n );\n script_bugtraq_id(28125, 30144, 30146, 31379, 31380);\n\n script_name(english:\"Mac OS X : Java for Mac OS X 10.5 Update 2\");\n script_summary(english:\"Check for Java Update 2 on Mac OS X 10.5\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Mac OS X 10.5 host is running a version of Java for Mac OS X\nthat is missing update 2.\n\nThe remote version of this software contains several security\nvulnerabilities that may allow a rogue Java applet to execute arbitrary\ncode on the remote host.\n\nTo exploit these flaws, an attacker would need to lure an attacker into\nexecuting a rogue Java applet.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT3179\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2008/Sep/msg00007.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Java for Mac OS X 10.5 update 2\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'D2ExploitPack');\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2008-2022 Tenable Network Security, Inc.\");\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\");\n exit(0);\n}\n\n\ninclude(\"misc_func.inc\");\ninclude(\"ssh_func.inc\");\ninclude(\"macosx_func.inc\");\n\n\nif(sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS ||\n get_one_kb_item('HostLevelChecks/proto') == 'local')\n enable_ssh_wrappers();\nelse disable_ssh_wrappers();\n\nfunction exec(cmd)\n{\n local_var ret, buf;\n\n if ( islocalhost() )\n buf = pread(cmd:\"/bin/bash\", argv:make_list(\"bash\", \"-c\", cmd));\n else\n {\n ret = ssh_open_connection();\n if ( ! ret ) exit(0);\n buf = ssh_cmd(cmd:cmd);\n ssh_close_connection();\n }\n\n if ( buf !~ \"^[0-9]\" ) exit(0);\n\n buf = chomp(buf);\n return buf;\n}\n\n\npackages = get_kb_item(\"Host/MacOSX/packages\");\nif ( ! packages ) exit(0);\n\nuname = get_kb_item(\"Host/uname\");\n# Mac OS X 10.5 only\nif ( egrep(pattern:\"Darwin.* 9\\.\", string:uname) )\n{\n cmd = _GetBundleVersionCmd(file:\"JavaPluginCocoa.bundle\", path:\"/Library/Internet Plug-Ins\", label:\"CFBundleVersion\");\n buf = exec(cmd:cmd);\n if ( ! strlen(buf) ) exit(0);\n array = split(buf, sep:'.', keep:FALSE);\n # Fixed in version 12.2.0\n if ( int(array[0]) < 12 ||\n (int(array[0]) == 12 && int(array[1]) < 2 ) )\n {\n security_hole(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:27:36", "description": "According to its version number, the Sun Java Runtime Environment (JRE) installed on the remote host reportedly is affected by a buffer overflow in its image processing code as well as another issue that may cause the Java Virtual Machine to hang.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-22T00:00:00", "type": "nessus", "title": "Sun Java JRE Image Parsing Vulnerabilities (102934) (Unix)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2788", "CVE-2007-2789"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_102934_UNIX.NASL", "href": "https://www.tenable.com/plugins/nessus/64821", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64821);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2007-2788\", \"CVE-2007-2789\");\n script_bugtraq_id(24004);\n\n script_name(english:\"Sun Java JRE Image Parsing Vulnerabilities (102934) (Unix)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Unix host has an application that is affected by several\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the Sun Java Runtime Environment (JRE)\ninstalled on the remote host reportedly is affected by a buffer overflow\nin its image processing code as well as another issue that may cause the\nJava Virtual Machine to hang.\");\n # http://web.archive.org/web/20080503165106/http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?328117fc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update to Sun Java JDK and JRE 6 Update 1 / JDK and JRE 5.0 Update 11 /\nSDK and JRE 1.3.1_20 or later and remove, if necessary, any affected\nversions.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2007-2788\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"sun_java_jre_installed_unix.nasl\");\n script_require_keys(\"Host/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each installed JRE.\ninstalls = get_kb_list_or_exit(\"Host/Java/JRE/Unmanaged/*\");\n\ninfo = \"\";\nvuln = 0;\nvuln2 = 0;\ninstalled_versions = \"\";\ngranular = \"\";\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"Host/Java/JRE/Unmanaged/\";\n if (ver !~ \"^[0-9.]+\") continue;\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.6\\.0_00\" ||\n ver =~ \"^1\\.5\\.0_(0[0-9]|10)[^0-9]?\" ||\n ver =~ \"^1\\.4\\.([01]_|2_(0[0-9]|1[0-4][^0-9]?))\" ||\n ver =~ \"^1\\.3\\.(0_|1_[01][0-9])\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_01 / 1.5.0_11 / 1.3.1_20\\n';\n }\n else if (ver =~ \"^[\\d\\.]+$\")\n {\n dirs = make_list(get_kb_list(install));\n foreach dir (dirs)\n granular += \"The Oracle Java version \"+ver+\" at \"+dir+\" is not granular enough to make a determination.\"+'\\n';\n }\n else\n {\n dirs = make_list(get_kb_list(install));\n vuln2 += max_index(dirs);\n }\n\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n if (granular) exit(0, granular);\n}\nelse\n{\n if (granular) exit(0, granular);\n\n installed_versions = substr(installed_versions, 3);\n if (vuln2 > 1)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T15:34:06", "description": "According to its version number, the Sun Java Runtime Environment (JRE) installed on the remote host reportedly is affected by a buffer overflow in its image processing code as well as another issue that may cause the Java Virtual Machine to hang.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2007-06-02T00:00:00", "type": "nessus", "title": "Sun Java JRE Image Parsing Vulnerabilities (102934)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2788", "CVE-2007-2789"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_102934.NASL", "href": "https://www.tenable.com/plugins/nessus/25370", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25370);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2007-2788\", \"CVE-2007-2789\");\n script_bugtraq_id(24004);\n\n script_name(english:\"Sun Java JRE Image Parsing Vulnerabilities (102934)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by several\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the Sun Java Runtime Environment\n(JRE) installed on the remote host reportedly is affected by a buffer\noverflow in its image processing code as well as another issue that\nmay cause the Java Virtual Machine to hang.\");\n # http://web.archive.org/web/20080503165106/http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?328117fc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update to Sun Java JDK and JRE 6 Update 1 / JDK and JRE 5.0 Update 11\n/ SDK and JRE 1.3.1_20 or later and remove if necessary any affected\nversions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/06/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2007-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"sun_java_jre_installed.nasl\");\n script_require_keys(\"SMB/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\n# Check each installed JRE.\ninstalls = get_kb_list(\"SMB/Java/JRE/*\");\nif (isnull(installs)) exit(1, \"The 'SMB/Java/JRE/' KB item is missing.\");\n\ninfo = \"\";\nvuln = 0;\ninstalled_versions = \"\";\n\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"SMB/Java/JRE/\";\n if (ver =~ \"^[0-9.]+\")\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.6\\.0_00\" ||\n ver =~ \"^1\\.5\\.0_(0[0-9]|10)[^0-9]?\" ||\n ver =~ \"^1\\.4\\.([01]_|2_(0[0-9]|1[0-4][^0-9]?))\" ||\n ver =~ \"^1\\.3\\.(0_|1_[01][0-9])\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_01 / 1.5.0_11 / 1.3.1_20\\n';\n }\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse\n{\n installed_versions = substr(installed_versions, 3);\n if (\" & \" >< installed_versions)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:54:13", "description": "Updated java-1.4.2-ibm packages to correct a set of security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras and Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nIBM's 1.4.2 SR9 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.\n\nA security vulnerability in the Java Web Start component was discovered. An untrusted application could elevate it's privileges and read and write local files that are accessible to the user running the Java Web Start application. (CVE-2007-2435)\n\nA buffer overflow in the image code JRE was found. An untrusted applet or application could use this flaw to elevate its privileges and potentially execute arbitrary code as the user running the java virtual machine. (CVE-2007-3004)\n\nAn unspecified vulnerability was discovered in the Java Runtime Environment. An untrusted applet or application could cause the java virtual machine to become unresponsive. (CVE-2007-3005)\n\nAll users of java-1.4.2-ibm should upgrade to these updated packages, which contain IBM's 1.4.2 SR9 Java release that resolves these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2007:0817)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2435", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3004", "CVE-2007-3005"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-javacomm", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-plugin", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-src", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2007-0817.NASL", "href": "https://www.tenable.com/plugins/nessus/40705", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0817. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40705);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2435\", \"CVE-2007-2788\", \"CVE-2007-2789\");\n script_bugtraq_id(24004);\n script_xref(name:\"RHSA\", value:\"2007:0817\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2007:0817)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.4.2-ibm packages to correct a set of security issues\nare now available for Red Hat Enterprise Linux 3 and 4 Extras and Red\nHat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nIBM's 1.4.2 SR9 Java release includes the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit.\n\nA security vulnerability in the Java Web Start component was\ndiscovered. An untrusted application could elevate it's privileges and\nread and write local files that are accessible to the user running the\nJava Web Start application. (CVE-2007-2435)\n\nA buffer overflow in the image code JRE was found. An untrusted applet\nor application could use this flaw to elevate its privileges and\npotentially execute arbitrary code as the user running the java\nvirtual machine. (CVE-2007-3004)\n\nAn unspecified vulnerability was discovered in the Java Runtime\nEnvironment. An untrusted applet or application could cause the java\nvirtual machine to become unresponsive. (CVE-2007-3005)\n\nAll users of java-1.4.2-ibm should upgrade to these updated packages,\nwhich contain IBM's 1.4.2 SR9 Java release that resolves these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0817\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-javacomm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0817\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-1.4.2.9-1jpp.1.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"s390\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el3\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-1.4.2.9-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"s390\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-1.4.2.9-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.4.2-ibm / java-1.4.2-ibm-demo / java-1.4.2-ibm-devel / etc\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:06:56", "description": "Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras, and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nIBM's 1.4.2 SR11 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.\n\nA flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nA buffer overflow flaw was found in Java Web Start (JWS). An untrusted application using the Java Network Launch Protocol (JNLP) could access local files or execute local applications accessible to the user running the JRE. (CVE-2008-1196)\n\nAll users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain IBM's 1.4.2 SR11 Java release which resolves these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2008:0555)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1187", "CVE-2008-1196"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-javacomm", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-plugin", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-src", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2008-0555.NASL", "href": "https://www.tenable.com/plugins/nessus/40722", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0555. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40722);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1187\", \"CVE-2008-1196\");\n script_bugtraq_id(28083);\n script_xref(name:\"RHSA\", value:\"2008:0555\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2008:0555)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.4.2-ibm packages that fix several security issues are\nnow available for Red Hat Enterprise Linux 3 and 4 Extras, and 5\nSupplementary.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nIBM's 1.4.2 SR11 Java release includes the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit.\n\nA flaw was found in the Java XSLT processing classes. An untrusted\napplication or applet could cause a denial of service, or execute\narbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nA buffer overflow flaw was found in Java Web Start (JWS). An untrusted\napplication using the Java Network Launch Protocol (JNLP) could access\nlocal files or execute local applications accessible to the user\nrunning the JRE. (CVE-2008-1196)\n\nAll users of java-1.4.2-ibm are advised to upgrade to these updated\npackages, which contain IBM's 1.4.2 SR11 Java release which resolves\nthese issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1196\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0555\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-javacomm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0555\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-1.4.2.11-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"s390\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-1.4.2.11-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"s390\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-1.4.2.11-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-demo-1.4.2.11-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-devel-1.4.2.11-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.4.2-ibm-javacomm-1.4.2.11-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390\", reference:\"java-1.4.2-ibm-jdbc-1.4.2.11-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.4.2-ibm-plugin-1.4.2.11-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.4.2-ibm-src-1.4.2.11-1jpp.2.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.4.2-ibm / java-1.4.2-ibm-demo / java-1.4.2-ibm-devel / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:54:38", "description": "Updated java-1.5.0-ibm packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nIBM's 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.\n\nA security vulnerability in the Java Web Start component was discovered. An untrusted application could elevate it's privileges, allowing it to read and write local files that are accessible to the user running the Java Web Start application. (CVE-2007-2435)\n\nA buffer overflow in the Java Runtime Environment image handling code was found. An untrusted applet or application could use this flaw to elevate its privileges and potentially execute arbitrary code as the user running the java virtual machine. (CVE-2007-2788, CVE-2007-2789, CVE-2007-3004)\n\nAn unspecified vulnerability was discovered in the Java Runtime Environment. An untrusted applet or application could cause the java virtual machine to become unresponsive. (CVE-2007-3005)\n\nThe Javadoc tool was able to generate HTML documentation pages that contained cross-site scripting (XSS) vulnerabilities. A remote attacker could use this to inject arbitrary web script or HTML.\n(CVE-2007-3503)\n\nThe Java Web Start URL parsing component contains a buffer overflow vulnerability within the parsing code for JNLP files. A remote attacker could create a malicious JNLP file that could trigger this flaw and execute arbitrary code when opened. (CVE-2007-3655)\n\nA flaw was found in the applet class loader. An untrusted applet could use this flaw to circumvent network access restrictions, possibly connecting to services hosted on the machine that executed the applet.\n(CVE-2007-3922)\n\nAll users of java-ibm-1.5.0 should upgrade to these updated packages, which contain IBM's 1.5.0 SR5a Java release that resolves these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2007:0829)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2435", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3004", "CVE-2007-3005", "CVE-2007-3503", "CVE-2007-3655", "CVE-2007-3922", "CVE-2007-4381"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-javacomm", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-plugin", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-src", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2007-0829.NASL", "href": "https://www.tenable.com/plugins/nessus/40706", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0829. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40706);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2435\", \"CVE-2007-2788\", \"CVE-2007-2789\", \"CVE-2007-3503\", \"CVE-2007-3655\", \"CVE-2007-3922\", \"CVE-2007-4381\");\n script_bugtraq_id(24004, 24832, 25054);\n script_xref(name:\"RHSA\", value:\"2007:0829\");\n\n script_name(english:\"RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2007:0829)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.5.0-ibm packages that correct several security issues\nare now available for Red Hat Enterprise Linux 4 Extras and 5\nSupplementary.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nIBM's 1.5.0 Java release includes the IBM Java 2 Runtime Environment\nand the IBM Java 2 Software Development Kit.\n\nA security vulnerability in the Java Web Start component was\ndiscovered. An untrusted application could elevate it's privileges,\nallowing it to read and write local files that are accessible to the\nuser running the Java Web Start application. (CVE-2007-2435)\n\nA buffer overflow in the Java Runtime Environment image handling code\nwas found. An untrusted applet or application could use this flaw to\nelevate its privileges and potentially execute arbitrary code as the\nuser running the java virtual machine. (CVE-2007-2788, CVE-2007-2789,\nCVE-2007-3004)\n\nAn unspecified vulnerability was discovered in the Java Runtime\nEnvironment. An untrusted applet or application could cause the java\nvirtual machine to become unresponsive. (CVE-2007-3005)\n\nThe Javadoc tool was able to generate HTML documentation pages that\ncontained cross-site scripting (XSS) vulnerabilities. A remote\nattacker could use this to inject arbitrary web script or HTML.\n(CVE-2007-3503)\n\nThe Java Web Start URL parsing component contains a buffer overflow\nvulnerability within the parsing code for JNLP files. A remote\nattacker could create a malicious JNLP file that could trigger this\nflaw and execute arbitrary code when opened. (CVE-2007-3655)\n\nA flaw was found in the applet class loader. An untrusted applet could\nuse this flaw to circumvent network access restrictions, possibly\nconnecting to services hosted on the machine that executed the applet.\n(CVE-2007-3922)\n\nAll users of java-ibm-1.5.0 should upgrade to these updated packages,\nwhich contain IBM's 1.5.0 SR5a Java release that resolves these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3503\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3655\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3922\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0829\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-javacomm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-ibm-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0829\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-1.5.0.5-1jpp.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"s390\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"java-1.5.0-ibm-plugin-1.5.0.5-1jpp.2.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-1.5.0.5-1jpp.0.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-demo-1.5.0.5-1jpp.0.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-devel-1.5.0.5-1jpp.0.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.0.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.0.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.0.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390\", reference:\"java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.0.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.5.0-ibm-plugin-1.5.0.5-1jpp.0.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"java-1.5.0-ibm-src-1.5.0.5-1jpp.0.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.5.0-ibm / java-1.5.0-ibm-demo / java-1.5.0-ibm-devel / etc\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:40:17", "description": "The IBM Java JRE/SDK has been brought to release 1.5.0 SR5a, containing several bugfixes, including the following security fixes :\n\n - A buffer overflow vulnerability in the image parsing code in the Java(TM) Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2007-2788 / CVE-2007-2789 / CVE-2007-3004 / CVE-2007-3005)\n\n A second vulnerability may allow an untrusted applet or application to cause the Java Virtual Machine to hang.\n\n - A buffer overflow vulnerability in the Java Web Start URL parsing code may allow an untrusted application to elevate its privileges. For example, an application may grant itself permissions to read and write local files or execute local applications with the privileges of the user running the Java Web Start application.\n (CVE-2007-3655)\n\n - A security vulnerability in the Java Runtime Environment Applet Class Loader may allow an untrusted applet that is loaded from a remote system to circumvent network access restrictions and establish socket connections to certain services running on the local host, as if it were loaded from the system that the applet is running on. This may allow the untrusted remote applet the ability to exploit any security vulnerabilities existing in the services it has connected to. (CVE-2007-3922)\n\nFor more information see:\nhttp://www-128.ibm.com/developerworks/java/jdk/alerts/", "cvss3": {"score": null, "vector": null}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 4544)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3004", "CVE-2007-3005", "CVE-2007-3655", "CVE-2007-3922"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_JAVA-1_5_0-IBM-4544.NASL", "href": "https://www.tenable.com/plugins/nessus/29475", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29475);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2788\", \"CVE-2007-2789\", \"CVE-2007-3655\", \"CVE-2007-3922\");\n\n script_name(english:\"SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 4544)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The IBM Java JRE/SDK has been brought to release 1.5.0 SR5a,\ncontaining several bugfixes, including the following security fixes :\n\n - A buffer overflow vulnerability in the image parsing\n code in the Java(TM) Runtime Environment may allow an\n untrusted applet or application to elevate its\n privileges. For example, an applet may grant itself\n permissions to read and write local files or execute\n local applications that are accessible to the user\n running the untrusted applet. (CVE-2007-2788 /\n CVE-2007-2789 / CVE-2007-3004 / CVE-2007-3005)\n\n A second vulnerability may allow an untrusted applet or\n application to cause the Java Virtual Machine to hang.\n\n - A buffer overflow vulnerability in the Java Web Start\n URL parsing code may allow an untrusted application to\n elevate its privileges. For example, an application may\n grant itself permissions to read and write local files\n or execute local applications with the privileges of the\n user running the Java Web Start application.\n (CVE-2007-3655)\n\n - A security vulnerability in the Java Runtime Environment\n Applet Class Loader may allow an untrusted applet that\n is loaded from a remote system to circumvent network\n access restrictions and establish socket connections to\n certain services running on the local host, as if it\n were loaded from the system that the applet is running\n on. This may allow the untrusted remote applet the\n ability to exploit any security vulnerabilities existing\n in the services it has connected to. (CVE-2007-3922)\n\nFor more information see:\nhttp://www-128.ibm.com/developerworks/java/jdk/alerts/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2788.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2789.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3655.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3922.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4544.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-demo-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-devel-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_5_0-ibm-src-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-alsa-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-jdbc-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-plugin-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-32bit-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-alsa-32bit-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-devel-32bit-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_5_0-ibm-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_5_0-ibm-devel-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_5_0-ibm-fonts-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-alsa-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-jdbc-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_5_0-ibm-plugin-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-32bit-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-alsa-32bit-1.5.0_sr5a-0.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"java-1_5_0-ibm-devel-32bit-1.5.0_sr5a-0.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:36:49", "description": "The IBM Java JRE/SDK has been brought to release 1.4.2 SR9, containing several bugfixes, including the following security fixes :\n\n - A buffer overflow vulnerability in the image parsing code in the Java(TM) Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2007-2788 / CVE-2007-2789 / CVE-2007-3004 / CVE-2007-3005)\n\n A second vulnerability may allow an untrusted applet or application to cause the Java Virtual Machine to hang.\n\n - A buffer overflow vulnerability in the Java Web Start URL parsing code may allow an untrusted application to elevate its privileges. For example, an application may grant itself permissions to read and write local files or execute local applications with the privileges of the user running the Java Web Start application.\n (CVE-2007-3655)\n\n - A security vulnerability in the Java Runtime Environment Applet Class Loader may allow an untrusted applet that is loaded from a remote system to circumvent network access restrictions and establish socket connections to certain services running on the local host, as if it were loaded from the system that the applet is running on. This may allow the untrusted remote applet the ability to exploit any security vulnerabilities existing in the services it has connected to. (CVE-2007-3922)\n\nFor more information see:\nhttp://www-128.ibm.com/developerworks/java/jdk/alerts/", "cvss3": {"score": null, "vector": null}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 4542)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3004", "CVE-2007-3005", "CVE-2007-3655", "CVE-2007-3922"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_JAVA-1_4_2-IBM-4542.NASL", "href": "https://www.tenable.com/plugins/nessus/29470", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29470);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2788\", \"CVE-2007-2789\", \"CVE-2007-3655\", \"CVE-2007-3922\");\n\n script_name(english:\"SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 4542)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The IBM Java JRE/SDK has been brought to release 1.4.2 SR9, containing\nseveral bugfixes, including the following security fixes :\n\n - A buffer overflow vulnerability in the image parsing\n code in the Java(TM) Runtime Environment may allow an\n untrusted applet or application to elevate its\n privileges. For example, an applet may grant itself\n permissions to read and write local files or execute\n local applications that are accessible to the user\n running the untrusted applet. (CVE-2007-2788 /\n CVE-2007-2789 / CVE-2007-3004 / CVE-2007-3005)\n\n A second vulnerability may allow an untrusted applet or\n application to cause the Java Virtual Machine to hang.\n\n - A buffer overflow vulnerability in the Java Web Start\n URL parsing code may allow an untrusted application to\n elevate its privileges. For example, an application may\n grant itself permissions to read and write local files\n or execute local applications with the privileges of the\n user running the Java Web Start application.\n (CVE-2007-3655)\n\n - A security vulnerability in the Java Runtime Environment\n Applet Class Loader may allow an untrusted applet that\n is loaded from a remote system to circumvent network\n access restrictions and establish socket connections to\n certain services running on the local host, as if it\n were loaded from the system that the applet is running\n on. This may allow the untrusted remote applet the\n ability to exploit any security vulnerabilities existing\n in the services it has connected to. (CVE-2007-3922)\n\nFor more information see:\nhttp://www-128.ibm.com/developerworks/java/jdk/alerts/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2788.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2789.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3655.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3922.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4542.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-ibm-1.4.2_sr9-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-ibm-devel-1.4.2_sr9-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_4_2-ibm-jdbc-1.4.2_sr9-0.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"java-1_4_2-ibm-plugin-1.4.2_sr9-0.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-01T19:27:28", "description": "The remote Mac OS X 10.4 host is running a version of Java for Mac OS X that is older than release 6.\n\nThe remote version of this software contains several security vulnerabilities that may allow a rogue Java applet to escalate its privileges and to add or remove arbitrary items from the user's KeyChain.\n\nTo exploit these flaws, an attacker would need to lure an attacker into executing a rogue Java applet.", "cvss3": {"score": null, "vector": null}, "published": "2007-12-17T00:00:00", "type": "nessus", "title": "Mac OS X : Java for Mac OS X 10.4 Release 6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4339", "CVE-2006-6731", "CVE-2006-6736", "CVE-2006-6745", "CVE-2007-0243", "CVE-2007-2435", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3503", "CVE-2007-3504", "CVE-2007-3655", "CVE-2007-3698", "CVE-2007-3922", "CVE-2007-4381", "CVE-2007-5232", "CVE-2007-5862"], "modified": "2022-06-29T00:00:00", "cpe": [], "id": "MACOSX_JAVA_REL6.NASL", "href": "https://www.tenable.com/plugins/nessus/29702", "sourceData": "#TRUSTED 8b71da306e0f29052794238892a5cedaf28fbc45002827390662cd72e5b6940b01f6e206ae7fb74d86034e1cf4878eebb565099b37869e5285320dc705b520cfa4f0f5a8c334e96be2aae7f7f1ceab2f55663977581042ae189e8132631c67b93a278a1a909c718830904053361c5603360e8425071a4dcf8909020772a8fafc79f21e355efcaff1890dd3667855c9f0bdecfe7bc92cc60099bbcc3d3161dd64473ade13d2cf3e887da1086394808ef24b0d6480e239e17578dfd88321437865e30fb39ada2a5a05c7fa974eb2b815d2fdca8479c87e7e2e2b5c9fe0a9ce1bff1dd66cee8c8dc3b2231233de27298867ae9b99b97f14b76725be1356c8bf9ee3518480cf6c296adf92a603c3e0552a81504802cdd95772cd6f7305985041508f2cf4b35cc484942907d5cb5dfb20fbcfd5e845d02a57b9ed4c323ae9d4e6386dd40a5b1fd94d1419366cf219ad1f8c19a1df609ecdb3508ecc12f5ce4c1fe2824783b61dd9d47955a3d0e070014c4ebc50e98f57ab22c42395fe4b36b1bd0fd3436bd7fd329494e11b650f473b066e4a56e5d0dfd10583396645d860516ff96ff6b87a773024fe0980f4c31d0ecf84a361d028520064297dab8be70c35f7a811ed0feedb0347a358681e11953e32e1f1e55459cc148c6a62e1e7b286c28473d078ad39056ba2ecdae01049b47180ba4e424de200d63d552fdf21da57ec82bdd6\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29702);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/29\");\n\n script_cve_id(\n \"CVE-2006-4339\",\n \"CVE-2006-6731\",\n \"CVE-2006-6736\",\n \"CVE-2006-6745\",\n \"CVE-2007-0243\",\n \"CVE-2007-2435\",\n \"CVE-2007-2788\",\n \"CVE-2007-2789\",\n \"CVE-2007-3503\",\n \"CVE-2007-3504\",\n \"CVE-2007-3655\",\n \"CVE-2007-3698\",\n \"CVE-2007-3922\",\n \"CVE-2007-4381\",\n \"CVE-2007-5232\",\n \"CVE-2007-5862\"\n );\n script_bugtraq_id(\n 21673,\n 21674,\n 21675,\n 22085,\n 24690,\n 24695,\n 24832,\n 24846,\n 25054,\n 25340,\n 25918,\n 26877\n );\n script_xref(name:\"EDB-ID\", value:\"30284\");\n\n script_name(english:\"Mac OS X : Java for Mac OS X 10.4 Release 6\");\n script_summary(english:\"Check for Java Release 6\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Mac OS X 10.4 host is running a version of Java for Mac OS\nX that is older than release 6.\n\nThe remote version of this software contains several security\nvulnerabilities that may allow a rogue Java applet to escalate its\nprivileges and to add or remove arbitrary items from the user's\nKeyChain.\n\nTo exploit these flaws, an attacker would need to lure an attacker\ninto executing a rogue Java applet.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://docs.info.apple.com/article.html?artnum=307177\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Java for Mac OS X 10.4 release 6.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2007-2022 Tenable Network Security, Inc.\");\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\");\n exit(0);\n}\n\n\ninclude(\"misc_func.inc\");\ninclude(\"ssh_func.inc\");\ninclude(\"macosx_func.inc\");\n\n\nif(sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS ||\n get_one_kb_item('HostLevelChecks/proto') == 'local')\n enable_ssh_wrappers();\nelse disable_ssh_wrappers();\n\nfunction exec(cmd)\n{\n local_var ret, buf;\n\n if ( islocalhost() )\n buf = pread(cmd:\"/bin/bash\", argv:make_list(\"bash\", \"-c\", cmd));\n else\n {\n ret = ssh_open_connection();\n if ( ! ret ) exit(0);\n buf = ssh_cmd(cmd:cmd);\n ssh_close_connection();\n }\n\n if ( buf !~ \"^[0-9]\" ) exit(0);\n\n buf = chomp(buf);\n return buf;\n}\n\n\npackages = get_kb_item(\"Host/MacOSX/packages\");\nif ( ! packages ) exit(0);\n\nuname = get_kb_item(\"Host/uname\");\n# Mac OS X 10.4.10, 10.4.11 only\nif ( egrep(pattern:\"Darwin.* 8\\.(10|11)\\.\", string:uname) )\n{\n cmd = _GetBundleVersionCmd(file:\"JavaPluginCocoa.bundle\", path:\"/Library/Internet Plug-Ins\", label:\"CFBundleVersion\");\n buf = exec(cmd:cmd);\n if ( ! strlen(buf) ) exit(0);\n array = split(buf, sep:'.', keep:FALSE);\n if ( int(array[0]) < 11 ||\n (int(array[0]) == 11 && int(array[1]) <= 7 ) )\n {\n cmd = _GetBundleVersionCmd(file:\"JavaPluginCocoa.bundle\", path:\"/Library/Internet Plug-Ins\", label:\"SourceVersion\");\n buf = exec(cmd:cmd);\n if ( strlen(buf) && int(buf) < 1120000 ) security_hole(0);\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:31:21", "description": "The Sun JAVA JDK 1.4.2 was upgraded to release 15 to fix various bugs, including the following security bugs :\n\nCVE-2007-2788 / CVE-2007-3004: Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK), allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file.\n\nCVE-2007-2789 / CVE-2007-3005: The BMP image parser in Sun Java Development Kit (JDK), on Unix/Linux systems, allows remote attackers to trigger the opening of arbitrary local files via a crafted BMP file, which causes a denial of service (system hang) in certain cases such as /dev/tty, and has other unspecified impact.\n\nCVE-2007-0243: Buffer overflow in Sun JDK and Java Runtime Environment (JRE) allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption.", "cvss3": {"score": null, "vector": null}, "published": "2007-10-17T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-3843)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0243", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3004", "CVE-2007-3005"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_4_2-sun", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-alsa", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-demo", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-devel", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-jdbc", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-plugin", "p-cpe:/a:novell:opensuse:java-1_4_2-sun-src", "cpe:/o:novell:opensuse:10.1", "cpe:/o:novell:opensuse:10.2"], "id": "SUSE_JAVA-1_4_2-SUN-3843.NASL", "href": "https://www.tenable.com/plugins/nessus/27276", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update java-1_4_2-sun-3843.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27276);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-0243\", \"CVE-2007-2788\", \"CVE-2007-2789\");\n\n script_name(english:\"openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-3843)\");\n script_summary(english:\"Check for the java-1_4_2-sun-3843 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Sun JAVA JDK 1.4.2 was upgraded to release 15 to fix various bugs,\nincluding the following security bugs :\n\nCVE-2007-2788 / CVE-2007-3004: Integer overflow in the embedded ICC\nprofile image parser in Sun Java Development Kit (JDK), allows remote\nattackers to execute arbitrary code or cause a denial of service (JVM\ncrash) via a crafted JPEG or BMP file.\n\nCVE-2007-2789 / CVE-2007-3005: The BMP image parser in Sun Java\nDevelopment Kit (JDK), on Unix/Linux systems, allows remote attackers\nto trigger the opening of arbitrary local files via a crafted BMP\nfile, which causes a denial of service (system hang) in certain cases\nsuch as /dev/tty, and has other unspecified impact.\n\nCVE-2007-0243: Buffer overflow in Sun JDK and Java Runtime Environment\n(JRE) allows applets to gain privileges via a GIF image with a block\nwith a 0 width field, which triggers memory corruption.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_4_2-sun packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_4_2-sun-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-1.4.2.15-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-alsa-1.4.2.15-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-demo-1.4.2.15-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-devel-1.4.2.15-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-jdbc-1.4.2.15-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-plugin-1.4.2.15-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_4_2-sun-src-1.4.2.15-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-1.4.2_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-alsa-1.4.2_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-demo-1.4.2_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-devel-1.4.2_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-jdbc-1.4.2_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-plugin-1.4.2_update15-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_4_2-sun-src-1.4.2_update15-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_4_2-sun\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:37:46", "description": "The Sun JAVA JDK 1.4.2 was upgraded to release 15 to fix various bugs, including the following security bugs :\n\n - Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK), allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file.\n (CVE-2007-2788 / CVE-2007-3004)\n\n - The BMP image parser in Sun Java Development Kit (JDK), on Unix/Linux systems, allows remote attackers to trigger the opening of arbitrary local files via a crafted BMP file, which causes a denial of service (system hang) in certain cases such as /dev/tty, and has other unspecified impact. (CVE-2007-2789 / CVE-2007-3005)\n\n - Buffer overflow in Sun JDK and Java Runtime Environment (JRE) allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption. (CVE-2007-0243)", "cvss3": {"score": null, "vector": null}, "published": "2007-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Java (ZYPP Patch Number 3844)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0243", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3004", "CVE-2007-3005"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_JAVA-1_4_2-SUN-3844.NASL", "href": "https://www.tenable.com/plugins/nessus/29472", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29472);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-0243\", \"CVE-2007-2788\", \"CVE-2007-2789\");\n\n script_name(english:\"SuSE 10 Security Update : Java (ZYPP Patch Number 3844)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Sun JAVA JDK 1.4.2 was upgraded to release 15 to fix various bugs,\nincluding the following security bugs :\n\n - Integer overflow in the embedded ICC profile image\n parser in Sun Java Development Kit (JDK), allows remote\n attackers to execute arbitrary code or cause a denial of\n service (JVM crash) via a crafted JPEG or BMP file.\n (CVE-2007-2788 / CVE-2007-3004)\n\n - The BMP image parser in Sun Java Development Kit (JDK),\n on Unix/Linux systems, allows remote attackers to\n trigger the opening of arbitrary local files via a\n crafted BMP file, which causes a denial of service\n (system hang) in certain cases such as /dev/tty, and has\n other unspecified impact. (CVE-2007-2789 /\n CVE-2007-3005)\n\n - Buffer overflow in Sun JDK and Java Runtime Environment\n (JRE) allows applets to gain privileges via a GIF image\n with a block with a 0 width field, which triggers memory\n corruption. (CVE-2007-0243)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-0243.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2788.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-2789.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3005.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 3844.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-1.4.2.15-2.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-alsa-1.4.2.15-2.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-demo-1.4.2.15-2.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-devel-1.4.2.15-2.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-jdbc-1.4.2.15-2.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-plugin-1.4.2.15-2.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"java-1_4_2-sun-src-1.4.2.15-2.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-1.4.2.15-2.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-alsa-1.4.2.15-2.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-devel-1.4.2.15-2.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-jdbc-1.4.2.15-2.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"java-1_4_2-sun-plugin-1.4.2.15-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:55:37", "description": "IBMJava2-JRE and IBMJava2-SDK packages that correct several security issues are available for Red Hat Enterprise Linux 2.1.\n\nIBM's 1.3.1 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.\n\nA buffer overflow was found in the Java Runtime Environment image-handling code. An untrusted applet or application could use this flaw to elevate its privileges and potentially execute arbitrary code as the user running the java virtual machine. (CVE-2007-3004)\n\nAn unspecified vulnerability was discovered in the Java Runtime Environment. An untrusted applet or application could cause the java virtual machine to become unresponsive. (CVE-2007-3005)\n\nA flaw was found in the applet class loader. An untrusted applet could use this flaw to circumvent network access restrictions, possibly connecting to services hosted on the machine that executed the applet.\n(CVE-2007-3922)\n\nThese updated packages also add the following enhancements :\n\n* Time zone information has been updated to the latest available information, 2007h.\n\n* Accessibility support in AWT can now be disabled through a system property, java.assistive. To support this change, permission to read this property must be added to /opt/IBMJava2-131/jre/lib/security/java.policy. Users of IBMJava2 who have modified this file should add this following line to the grant section :\n\npermission java.util.PropertyPermission 'java.assistive', 'read';\n\nAll users of IBMJava2 should upgrade to these updated packages, which contain IBM's 1.3.1 SR11 Java release, which resolves these issues.", "cvss3": {"score": null, "vector": null}, "published": "2008-06-24T00:00:00", "type": "nessus", "title": "RHEL 2.1 : IBMJava2 (RHSA-2008:0133)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3004", "CVE-2007-3005", "CVE-2007-3922"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:IBMJava2-JRE", "p-cpe:/a:redhat:enterprise_linux:IBMJava2-SDK", "cpe:/o:redhat:enterprise_linux:2.1"], "id": "REDHAT-RHSA-2008-0133.NASL", "href": "https://www.tenable.com/plugins/nessus/33247", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0133. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33247);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2788\", \"CVE-2007-2789\", \"CVE-2007-3922\");\n script_bugtraq_id(24004, 25054);\n script_xref(name:\"RHSA\", value:\"2008:0133\");\n\n script_name(english:\"RHEL 2.1 : IBMJava2 (RHSA-2008:0133)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"IBMJava2-JRE and IBMJava2-SDK packages that correct several security\nissues are available for Red Hat Enterprise Linux 2.1.\n\nIBM's 1.3.1 Java release includes the IBM Java 2 Runtime Environment\nand the IBM Java 2 Software Development Kit.\n\nA buffer overflow was found in the Java Runtime Environment\nimage-handling code. An untrusted applet or application could use this\nflaw to elevate its privileges and potentially execute arbitrary code\nas the user running the java virtual machine. (CVE-2007-3004)\n\nAn unspecified vulnerability was discovered in the Java Runtime\nEnvironment. An untrusted applet or application could cause the java\nvirtual machine to become unresponsive. (CVE-2007-3005)\n\nA flaw was found in the applet class loader. An untrusted applet could\nuse this flaw to circumvent network access restrictions, possibly\nconnecting to services hosted on the machine that executed the applet.\n(CVE-2007-3922)\n\nThese updated packages also add the following enhancements :\n\n* Time zone information has been updated to the latest available\ninformation, 2007h.\n\n* Accessibility support in AWT can now be disabled through a system\nproperty, java.assistive. To support this change, permission to read\nthis property must be added to\n/opt/IBMJava2-131/jre/lib/security/java.policy. Users of IBMJava2 who\nhave modified this file should add this following line to the grant\nsection :\n\npermission java.util.PropertyPermission 'java.assistive', 'read';\n\nAll users of IBMJava2 should upgrade to these updated packages, which\ncontain IBM's 1.3.1 SR11 Java release, which resolves these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3004\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3922\"\n );\n # http://www-128.ibm.com/developerworks/java/jdk/alerts/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.ibm.com/us-en/?ar=1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0133\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected IBMJava2-JRE and / or IBMJava2-SDK packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:IBMJava2-JRE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:IBMJava2-SDK\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0133\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"IBMJava2-JRE-1.3.1-17\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"IBMJava2-SDK-1.3.1-17\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"IBMJava2-JRE / IBMJava2-SDK\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:28:33", "description": "The Sun JAVA JDK 1.5.0 was upgraded to release 12 to fix various bugs, including the following security bugs :\n\nCVE-2007-2788 / CVE-2007-3004: Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK), allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file.\n\nCVE-2007-2789 / CVE-2007-3005: The BMP image parser in Sun Java Development Kit (JDK), on Unix/Linux systems, allows remote attackers to trigger the opening of arbitrary local files via a crafted BMP file, which causes a denial of service (system hang) in certain cases such as /dev/tty, and has other unspecified impact.\n\nCVE-2007-0243: Buffer overflow in Sun JDK and Java Runtime Environment (JRE) allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption.", "cvss3": {"score": null, "vector": null}, "published": "2007-10-17T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-3832)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-0243", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3004", "CVE-2007-3005"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_5_0-sun", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-alsa", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-demo", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-devel", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-jdbc", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-plugin", "p-cpe:/a:novell:opensuse:java-1_5_0-sun-src", "cpe:/o:novell:opensuse:10.1", "cpe:/o:novell:opensuse:10.2"], "id": "SUSE_JAVA-1_5_0-SUN-3832.NASL", "href": "https://www.tenable.com/plugins/nessus/27280", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update java-1_5_0-sun-3832.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27280);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-0243\", \"CVE-2007-2788\", \"CVE-2007-2789\");\n\n script_name(english:\"openSUSE 10 Security Update : java-1_5_0-sun (java-1_5_0-sun-3832)\");\n script_summary(english:\"Check for the java-1_5_0-sun-3832 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Sun JAVA JDK 1.5.0 was upgraded to release 12 to fix various bugs,\nincluding the following security bugs :\n\nCVE-2007-2788 / CVE-2007-3004: Integer overflow in the embedded ICC\nprofile image parser in Sun Java Development Kit (JDK), allows remote\nattackers to execute arbitrary code or cause a denial of service (JVM\ncrash) via a crafted JPEG or BMP file.\n\nCVE-2007-2789 / CVE-2007-3005: The BMP image parser in Sun Java\nDevelopment Kit (JDK), on Unix/Linux systems, allows remote attackers\nto trigger the opening of arbitrary local files via a crafted BMP\nfile, which causes a denial of service (system hang) in certain cases\nsuch as /dev/tty, and has other unspecified impact.\n\nCVE-2007-0243: Buffer overflow in Sun JDK and Java Runtime Environment\n(JRE) allows applets to gain privileges via a GIF image with a block\nwith a 0 width field, which triggers memory corruption.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_5_0-sun packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_5_0-sun-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-1.5.0_12-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-alsa-1.5.0_12-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-demo-1.5.0_12-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-devel-1.5.0_12-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-jdbc-1.5.0_12-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-plugin-1.5.0_12-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"java-1_5_0-sun-src-1.5.0_12-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-1.5.0_update12-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-alsa-1.5.0_update12-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-demo-1.5.0_update12-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-devel-1.5.0_update12-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-jdbc-1.5.0_update12-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-plugin-1.5.0_update12-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"java-1_5_0-sun-src-1.5.0_update12-3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_5_0-sun\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:13:26", "description": "SUN reports :\n\nA vulnerability in the Java Runtime Environment (JRE) with applet caching may allow an untrusted applet that is downloaded from a malicious website to make network connections to network services on machines other than the one that the applet was downloaded from. This may allow network resources (such as web pages) and vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited.", "cvss3": {"score": null, "vector": null}, "published": "2007-10-09T00:00:00", "type": "nessus", "title": "FreeBSD : jdk/jre -- Applet Caching May Allow Network Access Restrictions to be Circumvented (c93e4d41-75c5-11dc-b903-0016179b2dd5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5232"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:jdk", "p-cpe:/a:freebsd:freebsd:linux-blackdown-jdk", "p-cpe:/a:freebsd:freebsd:linux-sun-jdk", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_C93E4D4175C511DCB9030016179B2DD5.NASL", "href": "https://www.tenable.com/plugins/nessus/26940", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(26940);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-5232\");\n\n script_name(english:\"FreeBSD : jdk/jre -- Applet Caching May Allow Network Access Restrictions to be Circumvented (c93e4d41-75c5-11dc-b903-0016179b2dd5)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SUN reports :\n\nA vulnerability in the Java Runtime Environment (JRE) with applet\ncaching may allow an untrusted applet that is downloaded from a\nmalicious website to make network connections to network services on\nmachines other than the one that the applet was downloaded from. This\nmay allow network resources (such as web pages) and vulnerabilities\n(that exist on these network services) which are not otherwise\nnormally accessible to be accessed or exploited.\"\n );\n # http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6c8350d4\"\n );\n # https://vuxml.freebsd.org/freebsd/c93e4d41-75c5-11dc-b903-0016179b2dd5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d7175fb6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:jdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-blackdown-jdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-sun-jdk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"jdk>=1.3.0<1.6.0.3p3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"jdk>=1.5.0,1<1.5.0.13p7,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-blackdown-jdk>=1.3.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-sun-jdk>=1.3.0<1.3.1.20\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-sun-jdk>=1.4.0<1.4.2.16\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-sun-jdk=1.5.0.b1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-sun-jdk=1.5.0.b1,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-sun-jdk>=1.5.0,2<1.5.0.13,2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-sun-jdk>=1.6.0<1.6.0.03\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-04-12T15:29:09", "description": "The version of Sun Java Runtime Environment (JRE) installed on the remote host is affected by one or more security issues :\n\n - Two vulnerabilities in the JRE VM may independently allow an untrusted application or applet downloaded from a website to elevate its privileges (233321).\n\n - When processing XSLT transformations, an untrusted application or applet downloaded from a website may be able to elevate its privileges or cause the JRE to crash (233322).\n\n - Three buffer overflows exist in Java Web Start (233323).\n\n - A vulnerability in the Java Plug-in may allow an applet download from a website to bypass the same origin policy and execute local applications (233324).\n\n - Multiple vulnerabilities in the JRE Image Processing library may allow an untrusted application or applet to elevate its privileges or cause the JRE to crash (233325).\n\n - A vulnerability in the JRE may allow untrusted JavaScript code to elevate its privileges through Java APIs (233326).\n\n - An as-yet unspecified buffer overflow exists in Java Web Start (233327).", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2008-03-06T00:00:00", "type": "nessus", "title": "Sun Java JRE Multiple Vulnerabilities (233321-233327)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1193"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_233321.NASL", "href": "https://www.tenable.com/plugins/nessus/31356", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31356);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2008-1193\");\n script_bugtraq_id(28083, 28125);\n script_xref(name:\"SECUNIA\", value:\"29239\");\n\n script_name(english:\"Sun Java JRE Multiple Vulnerabilities (233321-233327)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Sun Java Runtime Environment (JRE) installed on the\nremote host is affected by one or more security issues :\n\n - Two vulnerabilities in the JRE VM may independently allow \n an untrusted application or applet downloaded from a \n website to elevate its privileges (233321).\n\n - When processing XSLT transformations, an untrusted\n application or applet downloaded from a website may\n be able to elevate its privileges or cause the JRE to\n crash (233322).\n\n - Three buffer overflows exist in Java Web Start (233323).\n\n - A vulnerability in the Java Plug-in may allow an applet\n download from a website to bypass the same origin policy\n and execute local applications (233324).\n\n - Multiple vulnerabilities in the JRE Image Processing \n library may allow an untrusted application or applet\n to elevate its privileges or cause the JRE to crash\n (233325).\n\n - A vulnerability in the JRE may allow untrusted \n JavaScript code to elevate its privileges through\n Java APIs (233326).\n\n - An as-yet unspecified buffer overflow exists in Java \n Web Start (233327).\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019016.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019017.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019018.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019018.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019020.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019021.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019021.1.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Sun JDK and JRE 6 Update 5 / JDK and JRE 5.0 Update 15 /\nSDK and JRE 1.4.2_17 or later and remove, if necessary, any other\naffected versions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2008-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"sun_java_jre_installed.nasl\");\n script_require_keys(\"SMB/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\n# Check each installed JRE.\ninstalls = get_kb_list(\"SMB/Java/JRE/*\");\nif (isnull(installs)) exit(1, \"The 'SMB/Java/JRE/' KB item is missing.\");\n\ninfo = \"\";\nvuln = 0;\ninstalled_versions = \"\";\n\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"SMB/Java/JRE/\";\n if (ver =~ \"^[0-9.]+\")\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.6\\.0_0[0-4][^0-9]?\" ||\n ver =~ \"^1\\.5\\.0_(0[0-9]|1[0-4])[^0-9]?\" ||\n ver =~ \"^1\\.4\\.([01]_|2_(0[0-9]|1[0-6][^0-9]?))\" ||\n ver =~ \"^1\\.3\\.\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_05 / 1.5.0_15 / 1.4.2_17\\n';\n }\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse\n{\n installed_versions = substr(installed_versions, 3);\n if (\" & \" >< installed_versions)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:26:20", "description": "According to its version number, the Sun Java Runtime Environment (JRE) installed on the remote host reportedly allows processing of external entity references even when the 'external general entities' property is set to 'FALSE'. This could allow an application to access certain URL resources, such as files or web pages, or to launch a denial of service attack against the system.\n\nNote that successful exploitation requires that specially crafted XML data be processed by a trusted application rather than by an untrusted applet or Java Web Start application.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-22T00:00:00", "type": "nessus", "title": "Sun Java JRE External XML Entities Restriction Bypass (231246) (Unix)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0628"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_231246_UNIX.NASL", "href": "https://www.tenable.com/plugins/nessus/64825", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64825);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2008-0628\");\n script_bugtraq_id(27553);\n\n script_name(english:\"Sun Java JRE External XML Entities Restriction Bypass (231246) (Unix)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Unix host has an application that is affected by a security\nbypass vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the Sun Java Runtime Environment (JRE)\ninstalled on the remote host reportedly allows processing of external\nentity references even when the 'external general entities' property is\nset to 'FALSE'. This could allow an application to access certain URL\nresources, such as files or web pages, or to launch a denial of service\nattack against the system.\n\nNote that successful exploitation requires that specially crafted XML\ndata be processed by a trusted application rather than by an untrusted\napplet or Java Web Start application.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/bugtraq/2008/Feb/7\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1018967.1.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Sun JDK and JRE 6 Update 4 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-0628\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"sun_java_jre_installed_unix.nasl\");\n script_require_keys(\"Host/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each installed JRE.\ninstalls = get_kb_list_or_exit(\"Host/Java/JRE/Unmanaged/*\");\n\ninfo = \"\";\nvuln = 0;\nvuln2 = 0;\ninstalled_versions = \"\";\ngranular = \"\";\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"Host/Java/JRE/Unmanaged/\";\n if (ver !~ \"^[0-9.]+\") continue;\n installed_versions = installed_versions + \" & \" + ver;\n if (ver =~ \"^1\\.6\\.0_0[0-3][^0-9]?\")\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_04\\n';\n }\n else if (ver =~ \"^[\\d\\.]+$\")\n {\n dirs = make_list(get_kb_list(install));\n foreach dir (dirs)\n granular += \"The Oracle Java version \"+ver+\" at \"+dir+\" is not granular enough to make a determination.\"+'\\n';\n }\n else\n {\n dirs = make_list(get_kb_list(install));\n vuln2 += max_index(dirs);\n }\n\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n if (granular) exit(0, granular);\n}\nelse\n{\n if (granular) exit(0, granular);\n\n installed_versions = substr(installed_versions, 3);\n if (vuln2 > 1)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:C"}}, {"lastseen": "2022-04-12T15:28:15", "description": "The version of Sun Java Runtime Environment (JRE) installed on the remote host is affected by one or more security issues :\n\n - Two vulnerabilities in the JRE VM may independently allow an untrusted application or applet downloaded from a website to elevate its privileges (233321).\n\n - When processing XSLT transformations, an untrusted application or applet downloaded from a website may be able to elevate its privileges or cause the JRE to crash (233322).\n\n - Three buffer overflows exist in Java Web Start (233323).\n\n - A vulnerability in the Java Plug-in may allow an applet downloaded from a website to bypass the same origin policy and execute local applications (233324).\n\n - Multiple vulnerabilities in the JRE Image Processing library may allow an untrusted application or applet to elevate its privileges or cause the JRE to crash (233325).\n\n - A vulnerability in the JRE may allow untrusted JavaScript code to elevate its privileges through Java APIs (233326).\n\n - An as-yet unspecified buffer overflow exists in Java Web Start (233327).", "cvss3": {"score": null, "vector": null}, "published": "2013-02-22T00:00:00", "type": "nessus", "title": "Sun Java JRE Multiple Vulnerabilities (233321-233327) (Unix)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1193"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_233321_UNIX.NASL", "href": "https://www.tenable.com/plugins/nessus/64827", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64827);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2008-1193\");\n script_bugtraq_id(28083, 28125);\n script_xref(name:\"SECUNIA\", value:\"29239\");\n\n script_name(english:\"Sun Java JRE Multiple Vulnerabilities (233321-233327) (Unix)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Unix host has an application that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Sun Java Runtime Environment (JRE) installed on the\nremote host is affected by one or more security issues :\n\n - Two vulnerabilities in the JRE VM may independently allow\n an untrusted application or applet downloaded from a\n website to elevate its privileges (233321).\n\n - When processing XSLT transformations, an untrusted\n application or applet downloaded from a website may\n be able to elevate its privileges or cause the JRE to\n crash (233322).\n\n - Three buffer overflows exist in Java Web Start (233323).\n\n - A vulnerability in the Java Plug-in may allow an applet\n downloaded from a website to bypass the same origin\n policy and execute local applications (233324).\n\n - Multiple vulnerabilities in the JRE Image Processing\n library may allow an untrusted application or applet\n to elevate its privileges or cause the JRE to crash\n (233325).\n\n - A vulnerability in the JRE may allow untrusted\n JavaScript code to elevate its privileges through\n Java APIs (233326).\n\n - An as-yet unspecified buffer overflow exists in Java\n Web Start (233327).\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019016.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019017.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019018.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019018.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019020.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019021.1.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1019021.1.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Sun JDK and JRE 6 Update 5 / JDK and JRE 5.0 Update 15 / SDK\nand JRE 1.4.2_17 or later and remove, if necessary, any other affected\nversions.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"sun_java_jre_installed_unix.nasl\");\n script_require_keys(\"Host/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each installed JRE.\ninstalls = get_kb_list_or_exit(\"Host/Java/JRE/Unmanaged/*\");\n\ninfo = \"\";\nvuln = 0;\nvuln2 = 0;\ninstalled_versions = \"\";\ngranular = \"\";\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"Host/Java/JRE/Unmanaged/\";\n if (ver !~ \"^[0-9.]+\") continue;\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.6\\.0_0[0-4][^0-9]?\" ||\n ver =~ \"^1\\.5\\.0_(0[0-9]|1[0-4])[^0-9]?\" ||\n ver =~ \"^1\\.4\\.([01]_|2_(0[0-9]|1[0-6][^0-9]?))\" ||\n ver =~ \"^1\\.3\\.\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_05 / 1.5.0_15 / 1.4.2_17\\n';\n }\n else if (ver =~ \"^[\\d\\.]+$\")\n {\n dirs = make_list(get_kb_list(install));\n foreach dir (dirs)\n granular += \"The Oracle Java version \"+ver+\" at \"+dir+\" is not granular enough to make a determination.\"+'\\n';\n }\n else\n {\n dirs = make_list(get_kb_list(install));\n vuln2 += max_index(dirs);\n }\n\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n if (granular) exit(0, granular);\n}\nelse\n{\n if (granular) exit(0, granular);\n\n installed_versions = substr(installed_versions, 3);\n if (vuln2 > 1)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:20:10", "description": "According to its version number, the Sun Java Runtime Environment (JRE) installed on the remote host reportedly allows processing of external entity references even when the 'external general entities' property is set to 'FALSE'. This could allow an application to access certain URL resources, such as files or web pages, or to launch a denial of service attack against the system. \n\nNote that successful exploitation requires that specially crafted XML data be processed by a trusted application rather than by an untrusted applet or Java Web Start application.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}, "published": "2008-02-01T00:00:00", "type": "nessus", "title": "Sun Java JRE External XML Entities Restriction Bypass (231246)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0628"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_231246.NASL", "href": "https://www.tenable.com/plugins/nessus/30149", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(30149);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2008-0628\");\n script_bugtraq_id(27553);\n\n script_name(english:\"Sun Java JRE External XML Entities Restriction Bypass (231246)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by a\nsecurity bypass vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the Sun Java Runtime Environment\n(JRE) installed on the remote host reportedly allows processing of\nexternal entity references even when the 'external general entities'\nproperty is set to 'FALSE'. This could allow an application to access\ncertain URL resources, such as files or web pages, or to launch a\ndenial of service attack against the system. \n\nNote that successful exploitation requires that specially crafted XML\ndata be processed by a trusted application rather than by an untrusted\napplet or Java Web Start application.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/bugtraq/2008/Feb/7\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1018967.1.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Sun JDK and JRE 6 Update 4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2008-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"sun_java_jre_installed.nasl\");\n script_require_keys(\"SMB/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\n# Check each installed JRE.\ninstalls = get_kb_list(\"SMB/Java/JRE/*\");\nif (isnull(installs)) exit(1, \"The 'SMB/Java/JRE/' KB item is missing.\");\n\ninfo = \"\";\nvuln = 0;\ninstalled_versions = \"\";\n\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"SMB/Java/JRE/\";\n if (ver =~ \"^[0-9.]+\")\n installed_versions = installed_versions + \" & \" + ver;\n if (ver =~ \"^1\\.6\\.0_0[0-3][^0-9]?\")\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_04\\n';\n }\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse\n{\n installed_versions = substr(installed_versions, 3);\n if (\" & \" >< installed_versions)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:C"}}, {"lastseen": "2022-04-12T15:32:16", "description": "According to its version number, the Sun Java Runtime Environment (JRE) installed on the remote host reportedly may allow an untrusted application to elevate its privileges.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2007-05-02T00:00:00", "type": "nessus", "title": "Sun Java Web Start Unauthorized Access (102881)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2435"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_102881.NASL", "href": "https://www.tenable.com/plugins/nessus/25124", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25124);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2007-2435\");\n script_bugtraq_id(23728);\n\n script_name(english:\"Sun Java Web Start Unauthorized Access (102881)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by a\nprivilege escalation vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the Sun Java Runtime Environment\n(JRE) installed on the remote host reportedly may allow an untrusted\napplication to elevate its privileges.\");\n # http://web.archive.org/web/20080521111315/http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c470982a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update to Sun Java 2 JDK and JRE 5.0 Update 11 / SDK and JRE 1.4.2_14\n/ SDK or later and remove, if necessary, any affected versions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2007-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"sun_java_jre_installed.nasl\");\n script_require_keys(\"SMB/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\n# Check each installed JRE.\ninstalls = get_kb_list(\"SMB/Java/JRE/*\");\nif (isnull(installs)) exit(1, \"The 'SMB/Java/JRE/' KB item is missing.\");\n\ninfo = \"\";\nvuln = 0;\ninstalled_versions = \"\";\n\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"SMB/Java/JRE/\";\n if (ver =~ \"^[0-9.]+\")\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.5\\.0_(0[0-9]|10)[^0-9]?\" ||\n ver =~ \"^1\\.4\\.([01]_|2_(0[0-9]|1[0-3][^0-9]?))\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.5.0_11 / 1.4.2_14\\n';\n }\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse\n{\n installed_versions = substr(installed_versions, 3);\n if (\" & \" >< installed_versions)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:27:34", "description": "According to its version number, the Sun Java Runtime Environment (JRE) installed on the remote host reportedly may allow an untrusted application to elevate its privileges.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-22T00:00:00", "type": "nessus", "title": "Sun Java Web Start Unauthorized Access (102881) (Unix)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2435"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_102881_UNIX.NASL", "href": "https://www.tenable.com/plugins/nessus/64820", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64820);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2007-2435\");\n script_bugtraq_id(23728);\n\n script_name(english:\"Sun Java Web Start Unauthorized Access (102881) (Unix)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Unix host has an application that is affected by a privilege\nescalation vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the Sun Java Runtime Environment (JRE)\ninstalled on the remote host reportedly may allow an untrusted\napplication to elevate its privileges.\");\n # http://web.archive.org/web/20080521111315/http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c470982a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update to Sun Java 2 JDK and JRE 5.0 Update 11 / SDK and JRE 1.4.2_14 /\nSDK or later and remove, if necessary, any affected versions.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2007-2435\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/05/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"sun_java_jre_installed_unix.nasl\");\n script_require_keys(\"Host/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each installed JRE.\ninstalls = get_kb_list_or_exit(\"Host/Java/JRE/Unmanaged/*\");\n\ninfo = \"\";\nvuln = 0;\nvuln2 = 0;\ninstalled_versions = \"\";\ngranular = \"\";\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"Host/Java/JRE/Unmanaged/\";\n if (ver !~ \"^[0-9.]+\") continue;\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.5\\.0_(0[0-9]|10)[^0-9]?\" ||\n ver =~ \"^1\\.4\\.([01]_|2_(0[0-9]|1[0-3][^0-9]?))\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.5.0_11 / 1.4.2_14\\n';\n }\n else if (ver =~ \"^[\\d\\.]+$\")\n {\n dirs = make_list(get_kb_list(install));\n foreach dir (dirs)\n granular += \"The Oracle Java version \"+ver+\" at \"+dir+\" is not granular enough to make a determination.\"+'\\n';\n }\n else\n {\n dirs = make_list(get_kb_list(install));\n vuln2 += max_index(dirs);\n }\n\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n if (granular) exit(0, granular);\n}\nelse\n{\n if (granular) exit(0, granular);\n\n installed_versions = substr(installed_versions, 3);\n if (vuln2 > 1)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T18:12:33", "description": "Updated java-1.4.2-bea packages that correct several security issues and add enhancements are now available for Red Hat Enterprise Linux 4 Extras.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.4.2_15 JRE and SDK contain BEA WebLogic JRockit Virtual Machine 1.4.2_15 and are certified for the Java 2 Platform, Standard Edition, v1.4.2.\n\nA buffer overflow in the Java Runtime Environment image handling code was found. If an attacker is able to cause a server application to process a specially crafted image file, it may be possible to execute arbitrary code as the user running the Java Virtual Machine.\n(CVE-2007-2788, CVE-2007-2789, CVE-2007-3004)\n\nA denial of service flaw was discovered in the Java Applet Viewer. An untrusted Java applet could cause the Java Virtual Machine to become unresponsive. Please note that the BEA WebLogic JRockit 1.4.2_15 does not ship with a browser plug-in and therefore this issue could only be triggered by a user running the 'appletviewer' application.\n(CVE-2007-3005)\n\nA denial of service flaw was found in the way the JSSE component processed SSL/TLS handshake requests. A remote attacker able to connect to a JSSE enabled service could send a specially crafted handshake which would cause the Java Runtime Environment to stop responding to future requests. (CVE-2007-3698)\n\nA flaw was found in the way the Java Runtime Environment processes font data. An applet viewed via the 'appletviewer' application could elevate its privileges, allowing the applet to perform actions with the same permissions as the user running the 'appletviewer' application. It may also be possible to crash a server application which processes untrusted font information from a third party.\n(CVE-2007-4381)\n\nAll users of java-1.4.2-bea should upgrade to these updated packages, which contain the BEA WebLogic JRockit 1.4.2_15 release that resolves these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 4 : java-1.4.2-bea (RHSA-2007:1086)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3004", "CVE-2007-3005", "CVE-2007-3698", "CVE-2007-4381"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-jdbc", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6"], "id": "REDHAT-RHSA-2007-1086.NASL", "href": "https://www.tenable.com/plugins/nessus/63846", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1086. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63846);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-2788\", \"CVE-2007-2789\", \"CVE-2007-3698\", \"CVE-2007-4381\");\n script_xref(name:\"RHSA\", value:\"2007:1086\");\n\n script_name(english:\"RHEL 4 : java-1.4.2-bea (RHSA-2007:1086)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.4.2-bea packages that correct several security issues\nand add enhancements are now available for Red Hat Enterprise Linux 4\nExtras.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.4.2_15 JRE and SDK contain BEA WebLogic\nJRockit Virtual Machine 1.4.2_15 and are certified for the Java 2\nPlatform, Standard Edition, v1.4.2.\n\nA buffer overflow in the Java Runtime Environment image handling code\nwas found. If an attacker is able to cause a server application to\nprocess a specially crafted image file, it may be possible to execute\narbitrary code as the user running the Java Virtual Machine.\n(CVE-2007-2788, CVE-2007-2789, CVE-2007-3004)\n\nA denial of service flaw was discovered in the Java Applet Viewer. An\nuntrusted Java applet could cause the Java Virtual Machine to become\nunresponsive. Please note that the BEA WebLogic JRockit 1.4.2_15 does\nnot ship with a browser plug-in and therefore this issue could only be\ntriggered by a user running the 'appletviewer' application.\n(CVE-2007-3005)\n\nA denial of service flaw was found in the way the JSSE component\nprocessed SSL/TLS handshake requests. A remote attacker able to\nconnect to a JSSE enabled service could send a specially crafted\nhandshake which would cause the Java Runtime Environment to stop\nresponding to future requests. (CVE-2007-3698)\n\nA flaw was found in the way the Java Runtime Environment processes\nfont data. An applet viewed via the 'appletviewer' application could\nelevate its privileges, allowing the applet to perform actions with\nthe same permissions as the user running the 'appletviewer'\napplication. It may also be possible to crash a server application\nwhich processes untrusted font information from a third party.\n(CVE-2007-4381)\n\nAll users of java-1.4.2-bea should upgrade to these updated packages,\nwhich contain the BEA WebLogic JRockit 1.4.2_15 release that resolves\nthese issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2007-2788.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2007-2789.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2007-3698.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2007-4381.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev2dev.bea.com/pub/advisory/249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev2dev.bea.com/pub/advisory/248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2007-1086.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected java-1.4.2-bea, java-1.4.2-bea-devel and / or\njava-1.4.2-bea-jdbc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.4.2-bea-1.4.2.15-1jpp.2.el4\")) flag++;\nif (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.4.2-bea-devel-1.4.2.15-1jpp.2.el4\")) flag++;\nif (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.4.2-bea-jdbc-1.4.2.15-1jpp.2.el4\")) flag++;\n\nif (rpm_check(release:\"RHEL4\", sp:\"6\", cpu:\"i686\", reference:\"java-1.4.2-bea-1.4.2.15-1jpp.2.el4\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"6\", cpu:\"i686\", reference:\"java-1.4.2-bea-devel-1.4.2.15-1jpp.2.el4\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"6\", cpu:\"i686\", reference:\"java-1.4.2-bea-jdbc-1.4.2.15-1jpp.2.el4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:29:10", "description": "The version of Sun Java Runtime Environment (JRE) installed on the remote host reportedly contains two vulnerabilities that may independently allow an untrusted application or applet to elevate its privileges by, for example, granting itself permission to read and write local files or execute local applications subject to the privileges of the user running the application or applet.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2008-03-04T00:00:00", "type": "nessus", "title": "Sun Java JRE Applet Handling Privilege Escalation (231261)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0657"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_231261.NASL", "href": "https://www.tenable.com/plugins/nessus/31344", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31344);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2008-0657\");\n script_bugtraq_id(27650);\n script_xref(name:\"SECUNIA\", value:\"28795\");\n\n script_name(english:\"Sun Java JRE Applet Handling Privilege Escalation (231261)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by\nprivilege escalation vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Sun Java Runtime Environment (JRE) installed on the\nremote host reportedly contains two vulnerabilities that may\nindependently allow an untrusted application or applet to elevate its\nprivileges by, for example, granting itself permission to read and\nwrite local files or execute local applications subject to the\nprivileges of the user running the application or applet.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1018968.1.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Sun JDK and JRE 6 Update 2 / JDK and JRE 5.0 Update 14 or\nlater and remove any affected versions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2008-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"sun_java_jre_installed.nasl\");\n script_require_keys(\"SMB/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\n# Check each installed JRE.\ninstalls = get_kb_list(\"SMB/Java/JRE/*\");\nif (isnull(installs)) exit(1, \"The 'SMB/Java/JRE/' KB item is missing.\");\n\ninfo = \"\";\nvuln = 0;\ninstalled_versions = \"\";\n\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"SMB/Java/JRE/\";\n if (ver =~ \"^[0-9.]+\")\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.6\\.0_0[01][^0-9]?\" ||\n ver =~ \"^1\\.5\\.0_(0[0-9]|1[0-3])[^0-9]?\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_02 / 1.5.0_14\\n';\n }\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse\n{\n installed_versions = substr(installed_versions, 3);\n if (\" & \" >< installed_versions)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:28:54", "description": "The version of Sun Java Runtime Environment (JRE) installed on the remote host reportedly contains two vulnerabilities that may independently allow an untrusted application or applet to elevate its privileges by, for example, granting itself permission to read and write local files or execute local applications subject to the privileges of the user running the application or applet.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-22T00:00:00", "type": "nessus", "title": "Sun Java JRE Applet Handling Privilege Escalation (231261) (Unix)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0657"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_JRE_231261_UNIX.NASL", "href": "https://www.tenable.com/plugins/nessus/64826", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64826);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2008-0657\");\n script_bugtraq_id(27650);\n script_xref(name:\"SECUNIA\", value:\"28795\");\n\n script_name(english:\"Sun Java JRE Applet Handling Privilege Escalation (231261) (Unix)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Unix host has an application that is affected by privilege\nescalation vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Sun Java Runtime Environment (JRE) installed on the\nremote host reportedly contains two vulnerabilities that may\nindependently allow an untrusted application or applet to elevate its\nprivileges by, for example, granting itself permission to read and write\nlocal files or execute local applications subject to the privileges of\nthe user running the application or applet.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://download.oracle.com/sunalerts/1018968.1.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Sun JDK and JRE 6 Update 2 / JDK and JRE 5.0 Update 14 or\nlater and remove, if necessary, any affected versions.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-0657\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"sun_java_jre_installed_unix.nasl\");\n script_require_keys(\"Host/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each installed JRE.\ninstalls = get_kb_list_or_exit(\"Host/Java/JRE/Unmanaged/*\");\n\ninfo = \"\";\nvuln = 0;\nvuln2 = 0;\ninstalled_versions = \"\";\ngranular = \"\";\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"Host/Java/JRE/Unmanaged/\";\n if (ver !~ \"^[0-9.]+\") continue;\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.6\\.0_0[01][^0-9]?\" ||\n ver =~ \"^1\\.5\\.0_(0[0-9]|1[0-3])[^0-9]?\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_02 / 1.5.0_14\\n';\n }\n else if (ver =~ \"^[\\d\\.]+$\")\n {\n dirs = make_list(get_kb_list(install));\n foreach dir (dirs)\n granular += \"The Oracle Java version \"+ver+\" at \"+dir+\" is not granular enough to make a determination.\"+'\\n';\n }\n else\n {\n dirs = make_list(get_kb_list(install));\n vuln2 += max_index(dirs);\n }\n\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n if (granular) exit(0, granular);\n}\nelse\n{\n if (granular) exit(0, granular);\n\n installed_versions = substr(installed_versions, 3);\n if (vuln2 > 1)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:06:55", "description": "Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nThe Java Runtime Environment (JRE) contains the software and tools that users need to run applets and applications written using the Java programming language.\n\nThese updated java-1.5.0-sun packages resolve the following security issues :\n\nTwo vulnerabilities in the Java Runtime Environment allowed an untrusted application or applet to elevate the assigned privileges.\nThis could be misused by a malicious website to read and write local files or execute local applications in the context of the user running the Java process. (CVE-2008-0657)\n\nUsers of java-1.5.0-sun should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : java-1.5.0-sun (RHSA-2008:0123)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0657"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-plugin", "p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-src", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0123.NASL", "href": "https://www.tenable.com/plugins/nessus/40713", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0123. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40713);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0657\");\n script_bugtraq_id(27650);\n script_xref(name:\"RHSA\", value:\"2008:0123\");\n\n script_name(english:\"RHEL 4 / 5 : java-1.5.0-sun (RHSA-2008:0123)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.5.0-sun packages that correct several security issues\nare now available for Red Hat Enterprise Linux 4 Extras and 5\nSupplementary.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nThe Java Runtime Environment (JRE) contains the software and tools\nthat users need to run applets and applications written using the Java\nprogramming language.\n\nThese updated java-1.5.0-sun packages resolve the following security\nissues :\n\nTwo vulnerabilities in the Java Runtime Environment allowed an\nuntrusted application or applet to elevate the assigned privileges.\nThis could be misused by a malicious website to read and write local\nfiles or execute local applications in the context of the user running\nthe Java process. (CVE-2008-0657)\n\nUsers of java-1.5.0-sun should upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0657\"\n );\n # http://sunsolve.sun.com/search/document.do?assetkey=1-26-231261-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f97ad11f\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0123\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0123\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-demo-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-demo-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-devel-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-devel-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-jdbc-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-jdbc-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-plugin-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i586\", reference:\"java-1.5.0-sun-src-1.5.0.14-1jpp.2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-src-1.5.0.14-1jpp.2.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-demo-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-demo-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-devel-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-devel-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-jdbc-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-jdbc-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-plugin-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i586\", reference:\"java-1.5.0-sun-src-1.5.0.14-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.5.0-sun-src-1.5.0.14-1jpp.2.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.5.0-sun / java-1.5.0-sun-demo / java-1.5.0-sun-devel / etc\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:28:55", "description": "The Java Web Start utility distributed with the version of Sun Java Runtime Environment (JRE) installed on the remote host may be affected by a buffer overflow vulnerability. If an attacker can convince a user on the affected host to open a specially crafted JNLP file, it may be possible to execute arbitrary code subject to the user's privileges.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-22T00:00:00", "type": "nessus", "title": "Sun Java Web Start JNLP File Handling Overflow (102996) (Unix)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3655"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_WEBSTART_JNLP_OVERFLOW_UNIX.NASL", "href": "https://www.tenable.com/plugins/nessus/64834", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64834);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2007-3655\");\n script_bugtraq_id(24832);\n script_xref(name:\"EDB-ID\", value:\"30284\");\n\n script_name(english:\"Sun Java Web Start JNLP File Handling Overflow (102996) (Unix)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Unix host has an application that may be prone to a buffer\noverflow attack.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Java Web Start utility distributed with the version of Sun Java\nRuntime Environment (JRE) installed on the remote host may be affected\nby a buffer overflow vulnerability. If an attacker can convince a user\non the affected host to open a specially crafted JNLP file, it may be\npossible to execute arbitrary code subject to the user's privileges.\");\n # https://www.beyondtrust.com/resources/blog/research/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7c3384af\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/473224/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/473356/30/0/threaded\");\n # http://web.archive.org/web/20080612184027/http://sunsolve.sun.com/search/document.do?assetkey=1-26-102996-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7eec761c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Sun Java JDK and JRE 6 Update 2 / JDK and JRE 5.0 Update 12\nor later and remove, if necessary, any affected versions.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"sun_java_jre_installed_unix.nasl\");\n script_require_keys(\"Host/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each installed JRE.\ninstalls = get_kb_list_or_exit(\"Host/Java/JRE/Unmanaged/*\");\n\ninfo = \"\";\nvuln = 0;\nvuln2 = 0;\ninstalled_versions = \"\";\ngranular = \"\";\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"Host/Java/JRE/Unmanaged/\";\n if (ver !~ \"^[0-9.]+\") continue;\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.6\\.0_0[01][^0-9]?\" ||\n ver =~ \"^1\\.5\\.0_(0[0-9]|1[01])[^0-9]?\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_02 / 1.5.0_12\\n';\n }\n else if (ver =~ \"^[\\d\\.]+$\")\n {\n dirs = make_list(get_kb_list(install));\n foreach dir (dirs)\n granular += \"The Oracle Java version \"+ver+\" at \"+dir+\" is not granular enough to make a determination.\"+'\\n';\n }\n else\n {\n dirs = make_list(get_kb_list(install));\n vuln2 += max_index(dirs);\n }\n\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n if (report_verbosity)\n {\n if (vuln > 1) s = \"s of Sun's JRE are\";\n else s = \" of Sun's JRE is\";\n\n report = string(\n \"\\n\",\n \"The following vulnerable instance\", s, \" installed on the\\n\",\n \"remote host :\\n\",\n info\n );\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n if (granular) exit(0, granular);\n}\nelse\n{\n if (granular) exit(0, granular);\n\n installed_versions = substr(installed_versions, 3);\n if (vuln2 > 1)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T15:34:37", "description": "There is reportedly a buffer overflow in the Java Web Start utility distributed with the version of Sun Java Runtime Environment (JRE) installed on the remote host. If an attacker can convince a user on the affected host to open a specially crafted JNLP file, arbitrary code could be executed subject to the user's privileges.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2007-07-10T00:00:00", "type": "nessus", "title": "Sun Java Web Start JNLP File Handling Overflow (102996)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3655"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "SUN_JAVA_WEBSTART_JNLP_OVERFLOW.NASL", "href": "https://www.tenable.com/plugins/nessus/25693", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25693);\n script_version(\"1.31\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2007-3655\");\n script_bugtraq_id(24832);\n script_xref(name:\"EDB-ID\", value:\"30284\");\n\n script_name(english:\"Sun Java Web Start JNLP File Handling Overflow (102996)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that may be prone to a\nbuffer overflow attack.\");\n script_set_attribute(attribute:\"description\", value:\n\"There is reportedly a buffer overflow in the Java Web Start utility\ndistributed with the version of Sun Java Runtime Environment (JRE)\ninstalled on the remote host. If an attacker can convince a user on\nthe affected host to open a specially crafted JNLP file, arbitrary\ncode could be executed subject to the user's privileges.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.beyondtrust.com/resources/blog/research/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/473224/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/473356/30/0/threaded\");\n # http://web.archive.org/web/20080612184027/http://sunsolve.sun.com/search/document.do?assetkey=1-26-102996-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7eec761c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Sun Java JDK and JRE 6 Update 2 / JDK and JRE 5.0 Update 12\nor later and remove, if necessary, any affected versions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2007-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"sun_java_jre_installed.nasl\");\n script_require_keys(\"SMB/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\n# Check each installed JRE.\ninstalls = get_kb_list(\"SMB/Java/JRE/*\");\nif (isnull(installs)) exit(0);\n\ninfo = \"\";\nvuln = 0;\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"SMB/Java/JRE/\";\n if (\n ver =~ \"^1\\.6\\.0_0[01][^0-9]?\" ||\n ver =~ \"^1\\.5\\.0_(0[0-9]|1[01])[^0-9]?\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_02 / 1.5.0_12\\n';\n }\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity)\n {\n if (vuln > 1) s = \"s of Sun's JRE are\";\n else s = \" of Sun's JRE is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance' + s + ' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:58", "description": "Updated java-1.4.2-bea packages that fix a security issue are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.4.2_16 JRE and SDK contains BEA WebLogic JRockit Virtual Machine 1.4.2_16 and is certified for the Java 2 Platform, Standard Edition, v1.4.2.\n\nA flaw was found in the Java XSLT processing classes. An untrusted application or applet could cause a denial of service, or execute arbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nPlease note: This vulnerability can only be triggered in java-1.4.2-bea by calling the 'appletviewer' application.\n\nAll java-1.4.2-bea users should upgrade to this updated package which addresses this vulnerability.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 / 5 : java-1.4.2-bea (RHSA-2008:0243)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1187"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-devel", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-missioncontrol", "p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-src", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2008-0243.NASL", "href": "https://www.tenable.com/plugins/nessus/40720", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0243. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40720);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1187\");\n script_bugtraq_id(28083);\n script_xref(name:\"RHSA\", value:\"2008:0243\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : java-1.4.2-bea (RHSA-2008:0243)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.4.2-bea packages that fix a security issue are now\navailable for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise\nLinux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe BEA WebLogic JRockit 1.4.2_16 JRE and SDK contains BEA WebLogic\nJRockit Virtual Machine 1.4.2_16 and is certified for the Java 2\nPlatform, Standard Edition, v1.4.2.\n\nA flaw was found in the Java XSLT processing classes. An untrusted\napplication or applet could cause a denial of service, or execute\narbitrary code with the permissions of the user running the JRE.\n(CVE-2008-1187)\n\nPlease note: This vulnerability can only be triggered in\njava-1.4.2-bea by calling the 'appletviewer' application.\n\nAll java-1.4.2-bea users should upgrade to this updated package which\naddresses this vulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1187\"\n );\n # http://dev2dev.bea.com/pub/advisory/277\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7cd88e8d\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0243\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-missioncontrol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-bea-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0243\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"java-1.4.2-bea-1.4.2.16-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"java-1.4.2-bea-devel-1.4.2.16-1jpp.2.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"java-1.4.2-bea-jdbc-1.4.2.16-1jpp.2.el3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.4.2-bea-1.4.2.16-1jpp.4.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.4.2-bea-devel-1.4.2.16-1jpp.4.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"java-1.4.2-bea-jdbc-1.4.2.16-1jpp.4.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-1.4.2.16-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-demo-1.4.2.16-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-devel-1.4.2.16-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-jdbc-1.4.2.16-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-missioncontrol-1.4.2.16-1jpp.2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"java-1.4.2-bea-src-1.4.2.16-1jpp.2.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.4.2-bea / java-1.4.2-bea-demo / java-1.4.2-bea-devel / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-07-24T12:50:03", "description": "The remote host is missing updates announced in\nadvisory GLSA 200804-20.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200804-20 (sun-jdk, sun-jre-bin, emul-linux-x86-java)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1195", "CVE-2008-1194", "CVE-2007-5238", "CVE-2008-1191", "CVE-2008-0628", "CVE-2007-5232", "CVE-2007-3655", "CVE-2007-5240", "CVE-2008-1189", "CVE-2007-2788", "CVE-2008-1186", "CVE-2008-0657", "CVE-2008-1185", "CVE-2007-5237", "CVE-2008-1196", "CVE-2007-2789", "CVE-2007-2435", "CVE-2008-1190", "CVE-2007-5273", "CVE-2008-1187", "CVE-2007-5689", "CVE-2008-1188", "CVE-2007-5239", "CVE-2007-5274", "CVE-2008-1193", "CVE-2008-1192"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60820", "href": "http://plugins.openvas.org/nasl.php?oid=60820", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been identified in Sun Java Development Kit\n(JDK) and Java Runtime Environment (JRE).\";\ntag_solution = \"All Sun JRE users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose 'dev-java/sun-jre-bin'\n\nAll Sun JDK users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose 'dev-java/sun-jdk'\n\nAll emul-linux-x86-java users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose 'app-emulation/emul-linux-x86-java'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200804-20\nhttp://bugs.gentoo.org/show_bug.cgi?id=178851\nhttp://bugs.gentoo.org/show_bug.cgi?id=178962\nhttp://bugs.gentoo.org/show_bug.cgi?id=183580\nhttp://bugs.gentoo.org/show_bug.cgi?id=185256\nhttp://bugs.gentoo.org/show_bug.cgi?id=194711\nhttp://bugs.gentoo.org/show_bug.cgi?id=212425\nhttp://www.gentoo.org/security/en/glsa/glsa-200705-23.xml\nhttp://www.gentoo.org/security/en/glsa/glsa-200706-08.xml\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200804-20.\";\n\n \n\nif(description)\n{\n script_id(60820);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-2435\", \"CVE-2007-2788\", \"CVE-2007-2789\", \"CVE-2007-3655\", \"CVE-2007-5232\", \"CVE-2007-5237\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\", \"CVE-2007-5689\", \"CVE-2008-0628\", \"CVE-2008-0657\", \"CVE-2008-1185\", \"CVE-2008-1186\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1193\", \"CVE-2008-1194\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200804-20 (sun-jdk, sun-jre-bin, emul-linux-x86-java)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-java/sun-jre-bin\", unaffected: make_list(\"ge 1.6.0.05\", \"rge 1.5.0.15\", \"rge 1.4.2.17\"), vulnerable: make_list(\"lt 1.6.0.05\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"dev-java/sun-jdk\", unaffected: make_list(\"ge 1.6.0.05\", \"rge 1.5.0.15\", \"rge 1.4.2.17\"), vulnerable: make_list(\"lt 1.6.0.05\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-emulation/emul-linux-x86-java\", unaffected: make_list(\"ge 1.6.0.05\", \"rge 1.5.0.15\", \"rge 1.4.2.17\"), vulnerable: make_list(\"lt 1.6.0.05\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:07", "description": "The remote host is missing updates announced in\nadvisory GLSA 200804-28.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200804-28 (jrockit-jdk-bin)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1195", "CVE-2008-1194", "CVE-2007-5238", "CVE-2008-1191", "CVE-2008-0628", "CVE-2007-5232", "CVE-2007-3655", "CVE-2007-5240", "CVE-2008-1189", "CVE-2007-2788", "CVE-2008-1186", "CVE-2008-0657", "CVE-2008-1185", "CVE-2007-5237", "CVE-2008-1196", "CVE-2007-2789", "CVE-2007-2435", "CVE-2008-1190", "CVE-2007-5273", "CVE-2008-1187", "CVE-2007-5689", "CVE-2008-1188", "CVE-2007-5239", "CVE-2007-5274", "CVE-2008-1193", "CVE-2008-1192"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60872", "href": "http://plugins.openvas.org/nasl.php?oid=60872", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been identified in BEA JRockit.\";\ntag_solution = \"All JRockit 1.4 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/jrockit-jdk-bin-1.4.2.16'\n\nAll JRockit 1.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/jrockit-jdk-bin-1.5.0.14'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200804-28\nhttp://bugs.gentoo.org/show_bug.cgi?id=218226\nhttp://www.gentoo.org/security/en/glsa/glsa-200804-20.xml\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200804-28.\";\n\n \n\nif(description)\n{\n script_id(60872);\n script_cve_id(\"CVE-2007-2435\",\"CVE-2007-2788\",\"CVE-2007-2789\",\"CVE-2007-3655\",\"CVE-2007-5232\",\"CVE-2007-5237\",\"CVE-2007-5238\",\"CVE-2007-5239\",\"CVE-2007-5240\",\"CVE-2007-5273\",\"CVE-2007-5274\",\"CVE-2007-5689\",\"CVE-2008-0628\",\"CVE-2008-0657\",\"CVE-2008-1185\",\"CVE-2008-1186\",\"CVE-2008-1187\",\"CVE-2008-1188\",\"CVE-2008-1189\",\"CVE-2008-1190\",\"CVE-2008-1191\",\"CVE-2008-1192\",\"CVE-2008-1193\",\"CVE-2008-1194\",\"CVE-2008-1195\",\"CVE-2008-1196\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_name(\"Gentoo Security Advisory GLSA 200804-28 (jrockit-jdk-bin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-java/jrockit-jdk-bin\", unaffected: make_list(\"rge 1.4.2.16\", \"ge 1.5.0.14\"), vulnerable: make_list(\"lt 1.5.0.14\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:10", "description": "The remote host is missing updates announced in\nadvisory GLSA 200806-11.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200806-11 (ibm-jdk-bin ibm-jre-bin)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1195", "CVE-2008-1194", "CVE-2007-5238", "CVE-2008-1191", "CVE-2008-0628", "CVE-2007-5232", "CVE-2007-3655", "CVE-2007-5240", "CVE-2008-1189", "CVE-2007-2788", "CVE-2008-1186", "CVE-2008-0657", "CVE-2008-1185", "CVE-2007-5237", "CVE-2008-1196", "CVE-2007-2789", "CVE-2007-2435", "CVE-2008-1190", "CVE-2007-5273", "CVE-2008-1187", "CVE-2007-5689", "CVE-2008-1188", "CVE-2007-5239", "CVE-2007-5274", "CVE-2008-1193", "CVE-2008-1192"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:61215", "href": "http://plugins.openvas.org/nasl.php?oid=61215", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been found in IBM Java Development Kit (JDK)\nand Java Runtime Environment (JRE), resulting in the execution of\narbitrary code.\";\ntag_solution = \"All IBM JDK 1.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/ibm-jdk-bin-1.5.0.7'\n\nAll IBM JDK 1.4 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/ibm-jdk-bin-1.4.2.11'\n\nAll IBM JRE 1.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/ibm-jre-bin-1.5.0.7'\n\nAll IBM JRE 1.4 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/ibm-jre-bin-1.4.2.11'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200806-11\nhttp://bugs.gentoo.org/show_bug.cgi?id=186277\nhttp://bugs.gentoo.org/show_bug.cgi?id=198644\nhttp://bugs.gentoo.org/show_bug.cgi?id=216112\nhttp://www.gentoo.org/security/en/glsa/glsa-200804-20.xml\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200806-11.\";\n\n \n\nif(description)\n{\n script_id(61215);\n script_cve_id(\"CVE-2007-2435\",\"CVE-2007-2788\",\"CVE-2007-2789\",\"CVE-2007-3655\",\"CVE-2007-5232\",\"CVE-2007-5237\",\"CVE-2007-5238\",\"CVE-2007-5239\",\"CVE-2007-5240\",\"CVE-2007-5273\",\"CVE-2007-5274\",\"CVE-2007-5689\",\"CVE-2008-0628\",\"CVE-2008-0657\",\"CVE-2008-1185\",\"CVE-2008-1186\",\"CVE-2008-1187\",\"CVE-2008-1188\",\"CVE-2008-1189\",\"CVE-2008-1190\",\"CVE-2008-1191\",\"CVE-2008-1192\",\"CVE-2008-1193\",\"CVE-2008-1194\",\"CVE-2008-1195\",\"CVE-2008-1196\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_name(\"Gentoo Security Advisory GLSA 200806-11 (ibm-jdk-bin ibm-jre-bin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-java/ibm-jdk-bin\", unaffected: make_list(\"ge 1.5.0.7\", \"rge 1.4.2.11\"), vulnerable: make_list(\"lt 1.5.0.7\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"dev-java/ibm-jre-bin\", unaffected: make_list(\"ge 1.5.0.7\", \"rge 1.4.2.11\"), vulnerable: make_list(\"lt 1.5.0.7\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:20:03", "description": "Check for the Version of Sun Java", "cvss3": {}, "published": "2009-01-23T00:00:00", "type": "openvas", "title": "SuSE Update for Sun Java SUSE-SA:2008:018", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1195", "CVE-2008-1194", "CVE-2008-1191", "CVE-2008-1189", "CVE-2008-1186", "CVE-2008-1185", "CVE-2008-1196", "CVE-2008-1190", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1193", "CVE-2008-1192"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850018", "href": "http://plugins.openvas.org/nasl.php?oid=850018", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_018.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for Sun Java SUSE-SA:2008:018\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Sun Java standard editions have received security updates.\n\n Sun Java 1.4.2 was updated to 1.4.2 update 17,\n Sun Java 1.5.0 was updated to 1.5.0 update 15,\n Sun Java 1.6.0 was updated to 1.6.0 update 5.\n\n These updates fix the following security issues:\n\n - CVE-2008-1185: Unspecified vulnerability in the Virtual Machine for\n Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier,\n 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows\n remote attackers should gain privileges via an untrusted application\n or applet, a different issue than CVE-2008-1186.\n\n - CVE-2008-1186: Unspecified vulnerability in the Virtual Machine for\n Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier,\n and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain\n privileges via an untrusted application or applet, a different\n issue than CVE-2008-1185.\n\n - CVE-2008-1187: Unspecified vulnerability in Sun Java Runtime\n Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and\n earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to\n cause a denial of service (JRE crash) and possibly execute arbitrary\n code via unknown vectors related to XSLT transforms.\n\n - CVE-2008-1188: Multiple buffer overflows in Java Web Start in Sun\n JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier,\n allow remote attackers to execute arbitrary code via unknown vectors,\n different issues than CVE-2008-1189, aka "The first two issues."\n\n - CVE-2008-1189: Buffer overflow in Java Web Start in Sun JDK and JRE\n 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE\n 1.4.2_16 and earlier allows remote attackers to execute arbitrary\n code via unknown vectors, a different issue than CVE-2008-1188.\n\n - CVE-2008-1190: Unspecified vulnerability in Java Web Start in Sun\n JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier,\n and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain\n privileges via an untrusted application, a different issue than\n CVE-2008-1191.\n\n - CVE-2008-1191: Unspecified vulnerability in Java Web Start in Sun\n JDK and JRE 6 Update 4 and earlier allows remote attackers to\n create arbitrary files via an untrusted application, a different\n issue than CVE-2 ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_impact = \"remote code execution\";\ntag_affected = \"Sun Java on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SUSE Linux Enterprise Server 10 SP1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850018);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2008-018\");\n script_cve_id(\"CVE-2008-1185\", \"CVE-2008-1186\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1193\", \"CVE-2008-1194\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n script_name( \"SuSE Update for Sun Java SUSE-SA:2008:018\");\n\n script_summary(\"Check for the Version of Sun Java\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE10.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun\", rpm:\"java-1_5_0-sun~1.5.0_update15~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-alsa\", rpm:\"java-1_5_0-sun-alsa~1.5.0_update15~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-demo\", rpm:\"java-1_5_0-sun-demo~1.5.0_update15~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-devel\", rpm:\"java-1_5_0-sun-devel~1.5.0_update15~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-jdbc\", rpm:\"java-1_5_0-sun-jdbc~1.5.0_update15~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-plugin\", rpm:\"java-1_5_0-sun-plugin~1.5.0_update15~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-src\", rpm:\"java-1_5_0-sun-src~1.5.0_update15~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-sun\", rpm:\"java-1_6_0-sun~1.6.0.u5~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-sun-alsa\", rpm:\"java-1_6_0-sun-alsa~1.6.0.u5~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-sun-debuginfo\", rpm:\"java-1_6_0-sun-debuginfo~1.6.0.u5~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-sun-demo\", rpm:\"java-1_6_0-sun-demo~1.6.0.u5~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-sun-devel\", rpm:\"java-1_6_0-sun-devel~1.6.0.u5~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-sun-jdbc\", rpm:\"java-1_6_0-sun-jdbc~1.6.0.u5~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_6_0-sun-plugin\", rpm:\"java-1_6_0-sun-plugin~1.6.0.u5~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE10.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun\", rpm:\"java-1_4_2-sun~1.4.2_update17~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-alsa\", rpm:\"java-1_4_2-sun-alsa~1.4.2_update17~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-demo\", rpm:\"java-1_4_2-sun-demo~1.4.2_update17~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-devel\", rpm:\"java-1_4_2-sun-devel~1.4.2_update17~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-jdbc\", rpm:\"java-1_4_2-sun-jdbc~1.4.2_update17~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-plugin\", rpm:\"java-1_4_2-sun-plugin~1.4.2_update17~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-src\", rpm:\"java-1_4_2-sun-src~1.4.2_update17~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun\", rpm:\"java-1_5_0-sun~1.5.0_update14~0.3\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-alsa\", rpm:\"java-1_5_0-sun-alsa~1.5.0_update14~0.3\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-demo\", rpm:\"java-1_5_0-sun-demo~1.5.0_update14~0.3\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-devel\", rpm:\"java-1_5_0-sun-devel~1.5.0_update14~0.3\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-jdbc\", rpm:\"java-1_5_0-sun-jdbc~1.5.0_update14~0.3\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-plugin\", rpm:\"java-1_5_0-sun-plugin~1.5.0_update14~0.3\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-src\", rpm:\"java-1_5_0-sun-src~1.5.0_update14~0.3\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9\")\n{\n\n if ((res = isrpmvuln(pkg:\"java2\", rpm:\"java2~1.4.2~129.40\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java2-jre\", rpm:\"java2-jre~1.4.2~129.40\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLPOS9\")\n{\n\n if ((res = isrpmvuln(pkg:\"java2\", rpm:\"java2~1.4.2~129.40\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java2-jre\", rpm:\"java2-jre~1.4.2~129.40\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"OES\")\n{\n\n if ((res = isrpmvuln(pkg:\"java2\", rpm:\"java2~1.4.2~129.40\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java2-jre\", rpm:\"java2-jre~1.4.2~129.40\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLES9\")\n{\n\n if ((res = isrpmvuln(pkg:\"java2\", rpm:\"java2~1.4.2~129.40\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java2-jre\", rpm:\"java2-jre~1.4.2~129.40\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"LES10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun\", rpm:\"java-1_4_2-sun~1.4.2.17~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-alsa\", rpm:\"java-1_4_2-sun-alsa~1.4.2.17~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-demo\", rpm:\"java-1_4_2-sun-demo~1.4.2.17~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-devel\", rpm:\"java-1_4_2-sun-devel~1.4.2.17~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-jdbc\", rpm:\"java-1_4_2-sun-jdbc~1.4.2.17~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-plugin\", rpm:\"java-1_4_2-sun-plugin~1.4.2.17~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-src\", rpm:\"java-1_4_2-sun-src~1.4.2.17~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDk10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun\", rpm:\"java-1_4_2-sun~1.4.2.17~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-alsa\", rpm:\"java-1_4_2-sun-alsa~1.4.2.17~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-demo\", rpm:\"java-1_4_2-sun-demo~1.4.2.17~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-devel\", rpm:\"java-1_4_2-sun-devel~1.4.2.17~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-jdbc\", rpm:\"java-1_4_2-sun-jdbc~1.4.2.17~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-plugin\", rpm:\"java-1_4_2-sun-plugin~1.4.2.17~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-src\", rpm:\"java-1_4_2-sun-src~1.4.2.17~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SL10.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun\", rpm:\"java-1_4_2-sun~1.4.2.17~0.2\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-alsa\", rpm:\"java-1_4_2-sun-alsa~1.4.2.17~0.2\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-demo\", rpm:\"java-1_4_2-sun-demo~1.4.2.17~0.2\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-devel\", rpm:\"java-1_4_2-sun-devel~1.4.2.17~0.2\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-jdbc\", rpm:\"java-1_4_2-sun-jdbc~1.4.2.17~0.2\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-plugin\", rpm:\"java-1_4_2-sun-plugin~1.4.2.17~0.2\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-sun-src\", rpm:\"java-1_4_2-sun-src~1.4.2.17~0.2\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun\", rpm:\"java-1_5_0-sun~1.5.0_15~0.1\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-alsa\", rpm:\"java-1_5_0-sun-alsa~1.5.0_15~0.1\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-demo\", rpm:\"java-1_5_0-sun-demo~1.5.0_15~0.1\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-devel\", rpm:\"java-1_5_0-sun-devel~1.5.0_15~0.1\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-jdbc\", rpm:\"java-1_5_0-sun-jdbc~1.5.0_15~0.1\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-plugin\", rpm:\"java-1_5_0-sun-plugin~1.5.0_15~0.1\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-sun-src\", rpm:\"java-1_5_0-sun-src~1.5.0_15~0.1\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:08", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java-1_5_0-ibm\n java-1_5_0-ibm-alsa\n java-1_5_0-ibm-devel\n java-1_5_0-ibm-fonts\n java-1_5_0-ibm-jdbc\n java-1_5_0-ibm-plugin\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for IBM Java 1.5.0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1195", "CVE-2008-1194", "CVE-2007-5238", "CVE-2007-5232", "CVE-2007-5240", "CVE-2008-1189", "CVE-2008-0657", "CVE-2008-1196", "CVE-2007-5236", "CVE-2008-1190", "CVE-2007-5273", "CVE-2008-1187", "CVE-2008-1188", "CVE-2007-5239", "CVE-2007-4381", "CVE-2007-5274", "CVE-2008-1193", "CVE-2008-1192"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066000", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066000", "sourceData": "#\n#VID slesp1-java-1_5_0-ibm-5183\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for IBM Java 1.5.0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java-1_5_0-ibm\n java-1_5_0-ibm-alsa\n java-1_5_0-ibm-devel\n java-1_5_0-ibm-fonts\n java-1_5_0-ibm-jdbc\n java-1_5_0-ibm-plugin\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66000\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-1196\", \"CVE-2008-1195\", \"CVE-2008-1194\", \"CVE-2008-1193\", \"CVE-2008-1192\", \"CVE-2008-1190\", \"CVE-2008-1189\", \"CVE-2008-1188\", \"CVE-2008-1187\", \"CVE-2008-0657\", \"CVE-2007-5232\", \"CVE-2007-5274\", \"CVE-2007-5273\", \"CVE-2007-5236\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-4381\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for IBM Java 1.5.0\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm\", rpm:\"java-1_5_0-ibm~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-alsa\", rpm:\"java-1_5_0-ibm-alsa~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-devel\", rpm:\"java-1_5_0-ibm-devel~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-fonts\", rpm:\"java-1_5_0-ibm-fonts~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-jdbc\", rpm:\"java-1_5_0-ibm-jdbc~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-plugin\", rpm:\"java-1_5_0-ibm-plugin~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:10", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java-1_5_0-ibm\n java-1_5_0-ibm-alsa\n java-1_5_0-ibm-devel\n java-1_5_0-ibm-fonts\n java-1_5_0-ibm-jdbc\n java-1_5_0-ibm-plugin\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for IBM Java 1.5.0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1195", "CVE-2008-1194", "CVE-2007-5238", "CVE-2007-5232", "CVE-2007-5240", "CVE-2008-1189", "CVE-2008-0657", "CVE-2008-1196", "CVE-2007-5236", "CVE-2008-1190", "CVE-2007-5273", "CVE-2008-1187", "CVE-2008-1188", "CVE-2007-5239", "CVE-2007-4381", "CVE-2007-5274", "CVE-2008-1193", "CVE-2008-1192"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66000", "href": "http://plugins.openvas.org/nasl.php?oid=66000", "sourceData": "#\n#VID slesp1-java-1_5_0-ibm-5183\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for IBM Java 1.5.0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java-1_5_0-ibm\n java-1_5_0-ibm-alsa\n java-1_5_0-ibm-devel\n java-1_5_0-ibm-fonts\n java-1_5_0-ibm-jdbc\n java-1_5_0-ibm-plugin\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(66000);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-1196\", \"CVE-2008-1195\", \"CVE-2008-1194\", \"CVE-2008-1193\", \"CVE-2008-1192\", \"CVE-2008-1190\", \"CVE-2008-1189\", \"CVE-2008-1188\", \"CVE-2008-1187\", \"CVE-2008-0657\", \"CVE-2007-5232\", \"CVE-2007-5274\", \"CVE-2007-5273\", \"CVE-2007-5236\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-4381\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for IBM Java 1.5.0\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm\", rpm:\"java-1_5_0-ibm~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-alsa\", rpm:\"java-1_5_0-ibm-alsa~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-devel\", rpm:\"java-1_5_0-ibm-devel~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-fonts\", rpm:\"java-1_5_0-ibm-fonts~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-jdbc\", rpm:\"java-1_5_0-ibm-jdbc~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-plugin\", rpm:\"java-1_5_0-ibm-plugin~1.5.0_sr7~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:21:13", "description": "Check for the Version of IBMJava2,IBMJava5,java-1_4_2-ibm,java-1_5_0-ibm", "cvss3": {}, "published": "2009-01-23T00:00:00", "type": "openvas", "title": "SuSE Update for IBMJava2,IBMJava5,java-1_4_2-ibm,java-1_5_0-ibm SUSE-SA:2008:025", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3698", "CVE-2008-1195", "CVE-2008-1194", "CVE-2007-5238", "CVE-2007-5232", "CVE-2007-5240", "CVE-2008-1189", "CVE-2008-0657", "CVE-2008-1196", "CVE-2007-5236", "CVE-2008-1190", "CVE-2007-5273", "CVE-2008-1187", "CVE-2008-1188", "CVE-2007-5239", "CVE-2007-4381", "CVE-2007-5274", "CVE-2008-1193", "CVE-2008-1192"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850026", "href": "http://plugins.openvas.org/nasl.php?oid=850026", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_025.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for IBMJava2,IBMJava5,java-1_4_2-ibm,java-1_5_0-ibm SUSE-SA:2008:025\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"IBM Java 1.4.2 was updated to SR10 and IBM Java 1.5.0 was updated to\n SR7 to fix various security issues:\n\n - CVE-2008-1196: A buffer overflow vulnerability in Java Web Start\n may allow an untrusted Java Web Start application that is downloaded\n from a website to elevate its privileges. For example, an untrusted\n Java Web Start application may grant itself permissions to read and\n write local files or execute local applications that are accessible\n to the user running the untrusted application.\n\n - CVE-2008-1195: A vulnerability in the Java Runtime Environment may\n allow JavaScript(TM) code that is downloaded by a browser to make\n connections to network services on the system that the browser runs\n on, through Java APIs, This may allow files (that are accessible\n through these network services) or vulnerabilities (that exist on\n these network services) which are not otherwise normally accessible\n to be accessed or exploited.\n\n - CVE-2008-1192: A vulnerability in the Java Plug-in may an untrusted\n applet to bypass same origin policy and leverage this flaw to\n execute local applications that are accessible to the user running\n the untrusted applet.\n\n - CVE-2008-1190: A vulnerability in Java Web Start may allow an\n untrusted Java Web Start application to elevate its privileges. For\n example, an application may grant itself permissions to read and\n write local files or execute local applications that are accessible\n to the user running the untrusted application.\n\n - CVE-2008-1189: A buffer overflow vulnerability in the Java Runtime\n Environment may allow an untrusted applet or application to elevate\n its privileges. For example, an applet may grant itself permissions\n to read and write local files or execute local applications that\n are accessible to the user running the untrusted applet.\n\n - CVE-2008-1187: A vulnerability in the Java Runtime Environment\n with parsing XML data may allow an untrusted applet or application\n to elevate its privileges. For example, an applet may read certain\n URL resources (such as some files and web pages).\n\n - CVE-2007-5232: A vulnerability in the Java Runtime Environment (JRE)\n with applet caching may allow an untrusted applet that is\n downloaded from a malicious website to make network connections ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_impact = \"remote code execution\";\ntag_affected = \"IBMJava2,IBMJava5,java-1_4_2-ibm,java-1_5_0-ibm on SUSE SLES 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850026);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2008-025\");\n script_cve_id(\"CVE-2007-3698\", \"CVE-2007-4381\", \"CVE-2007-5232\", \"CVE-2007-5236\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-5273\", \"CVE-2007-5274\", \"CVE-2008-0657\", \"CVE-2008-1187\", \"CVE-2008-1188\", \"CVE-2008-1189\", \"CVE-2008-1190\", \"CVE-2008-1192\", \"CVE-2008-1193\", \"CVE-2008-1194\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n script_name( \"SuSE Update for IBMJava2,IBMJava5,java-1_4_2-ibm,java-1_5_0-ibm SUSE-SA:2008:025\");\n\n script_summary(\"Check for the Version of IBMJava2,IBMJava5,java-1_4_2-ibm,java-1_5_0-ibm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"SLESDK10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-ibm\", rpm:\"java-1_4_2-ibm~1.4.2_sr10~0.2\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-ibm-devel\", rpm:\"java-1_4_2-ibm-devel~1.4.2_sr10~0.2\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-ibm-jdbc\", rpm:\"java-1_4_2-ibm-jdbc~1.4.2_sr10~0.2\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-ibm-plugin\", rpm:\"java-1_4_2-ibm-plugin~1.4.2_sr10~0.2\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLPOS9\")\n{\n\n if ((res = isrpmvuln(pkg:\"IBMJava5-JRE\", rpm:\"IBMJava5-JRE~1.5.0~0.22\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"IBMJava5-SDK\", rpm:\"IBMJava5-SDK~1.5.0~0.22\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"IBMJava2-JRE\", rpm:\"IBMJava2-JRE~1.4.2~0.112\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"IBMJava2-SDK\", rpm:\"IBMJava2-SDK~1.4.2~0.112\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"OES\")\n{\n\n if ((res = isrpmvuln(pkg:\"IBMJava5-JRE\", rpm:\"IBMJava5-JRE~1.5.0~0.22\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"IBMJava5-SDK\", rpm:\"IBMJava5-SDK~1.5.0~0.22\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"IBMJava2-JRE\", rpm:\"IBMJava2-JRE~1.4.2~0.112\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"IBMJava2-SDK\", rpm:\"IBMJava2-SDK~1.4.2~0.112\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLES9\")\n{\n\n if ((res = isrpmvuln(pkg:\"IBMJava5-JRE\", rpm:\"IBMJava5-JRE~1.5.0~0.22\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"IBMJava5-SDK\", rpm:\"IBMJava5-SDK~1.5.0~0.22\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"IBMJava2-JRE\", rpm:\"IBMJava2-JRE~1.4.2~0.112\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"IBMJava2-SDK\", rpm:\"IBMJava2-SDK~1.4.2~0.112\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"LES10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm\", rpm:\"java-1_5_0-ibm~1.5.0_sr7~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-32bit\", rpm:\"java-1_5_0-ibm-32bit~1.5.0_sr7~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-alsa-32bit\", rpm:\"java-1_5_0-ibm-alsa-32bit~1.5.0_sr7~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-devel\", rpm:\"java-1_5_0-ibm-devel~1.5.0_sr7~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-devel-32bit\", rpm:\"java-1_5_0-ibm-devel-32bit~1.5.0_sr7~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-fonts\", rpm:\"java-1_5_0-ibm-fonts~1.5.0_sr7~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-alsa\", rpm:\"java-1_5_0-ibm-alsa~1.5.0_sr7~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-jdbc\", rpm:\"java-1_5_0-ibm-jdbc~1.5.0_sr7~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-plugin\", rpm:\"java-1_5_0-ibm-plugin~1.5.0_sr7~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-demo\", rpm:\"java-1_5_0-ibm-demo~1.5.0_sr7~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-src\", rpm:\"java-1_5_0-ibm-src~1.5.0_sr7~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-ibm\", rpm:\"java-1_4_2-ibm~1.4.2_sr10~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-ibm-devel\", rpm:\"java-1_4_2-ibm-devel~1.4.2_sr10~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-ibm-jdbc\", rpm:\"java-1_4_2-ibm-jdbc~1.4.2_sr10~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_4_2-ibm-plugin\", rpm:\"java-1_4_2-ibm-plugin~1.4.2_sr10~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDk10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm\", rpm:\"java-1_5_0-ibm~1.5.0_sr7~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-32bit\", rpm:\"java-1_5_0-ibm-32bit~1.5.0_sr7~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-alsa-32bit\", rpm:\"java-1_5_0-ibm-alsa-32bit~1.5.0_sr7~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-devel\", rpm:\"java-1_5_0-ibm-devel~1.5.0_sr7~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-devel-32bit\", rpm:\"java-1_5_0-ibm-devel-32bit~1.5.0_sr7~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-fonts\", rpm:\"java-1_5_0-ibm-fonts~1.5.0_sr7~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-alsa\", rpm:\"java-1_5_0-ibm-alsa~1.5.0_sr7~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-jdbc\", rpm:\"java-1_5_0-ibm-jdbc~1.5.0_sr7~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-plugin\", rpm:\"java-1_5_0-ibm-plugin~1.5.0_sr7~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-demo\", rpm:\"java-1_5_0-ibm-demo~1.5.0_sr7~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_5_0-ibm-src\", rpm:\"java-1_5_0-ibm-src~1.5.0_sr7~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:35", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2-jre\n java2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023078 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Java2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1195", "CVE-2008-1191", "CVE-2008-1158", "CVE-2008-1189", "CVE-2008-1186", "CVE-2008-1185", "CVE-2008-1196", "CVE-2008-1190", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1192"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065368", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065368", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5023078.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Java2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2-jre\n java2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023078 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65368\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-1158\", \"CVE-2008-1186\", \"CVE-2008-1185\", \"CVE-2008-1187\", \"CVE-2008-1189\", \"CVE-2008-1188\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Java2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"java2-jre\", rpm:\"java2-jre~1.4.2~129.40\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:43", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java-1_4_2-sun\n java-1_4_2-sun-alsa\n java-1_4_2-sun-devel\n java-1_4_2-sun-jdbc\n java-1_4_2-sun-plugin\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Sun Java", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1195", "CVE-2008-1191", "CVE-2008-1158", "CVE-2008-1189", "CVE-2008-1186", "CVE-2008-1185", "CVE-2008-1196", "CVE-2008-1190", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1192"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066005", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066005", "sourceData": "#\n#VID slesp1-java-1_4_2-sun-5131\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Sun Java\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java-1_4_2-sun\n java-1_4_2-sun-alsa\n java-1_4_2-sun-devel\n java-1_4_2-sun-jdbc\n java-1_4_2-sun-plugin\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66005\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-1158\", \"CVE-2008-1186\", \"CVE-2008-1185\", \"CVE-2008-1187\", \"CVE-2008-1189\", \"CVE-2008-1188\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for Sun Java\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"java-1_4_2-sun\", rpm:\"java-1_4_2-sun~1.4.2.17~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_4_2-sun-alsa\", rpm:\"java-1_4_2-sun-alsa~1.4.2.17~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_4_2-sun-devel\", rpm:\"java-1_4_2-sun-devel~1.4.2.17~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_4_2-sun-jdbc\", rpm:\"java-1_4_2-sun-jdbc~1.4.2.17~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_4_2-sun-plugin\", rpm:\"java-1_4_2-sun-plugin~1.4.2.17~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:01", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java-1_4_2-sun\n java-1_4_2-sun-alsa\n java-1_4_2-sun-devel\n java-1_4_2-sun-jdbc\n java-1_4_2-sun-plugin\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Sun Java", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1195", "CVE-2008-1191", "CVE-2008-1158", "CVE-2008-1189", "CVE-2008-1186", "CVE-2008-1185", "CVE-2008-1196", "CVE-2008-1190", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1192"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66005", "href": "http://plugins.openvas.org/nasl.php?oid=66005", "sourceData": "#\n#VID slesp1-java-1_4_2-sun-5131\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Sun Java\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java-1_4_2-sun\n java-1_4_2-sun-alsa\n java-1_4_2-sun-devel\n java-1_4_2-sun-jdbc\n java-1_4_2-sun-plugin\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(66005);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-1158\", \"CVE-2008-1186\", \"CVE-2008-1185\", \"CVE-2008-1187\", \"CVE-2008-1189\", \"CVE-2008-1188\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for Sun Java\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"java-1_4_2-sun\", rpm:\"java-1_4_2-sun~1.4.2.17~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_4_2-sun-alsa\", rpm:\"java-1_4_2-sun-alsa~1.4.2.17~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_4_2-sun-devel\", rpm:\"java-1_4_2-sun-devel~1.4.2.17~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_4_2-sun-jdbc\", rpm:\"java-1_4_2-sun-jdbc~1.4.2.17~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_4_2-sun-plugin\", rpm:\"java-1_4_2-sun-plugin~1.4.2.17~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:59", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2-jre\n java2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023078 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Java2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1195", "CVE-2008-1191", "CVE-2008-1158", "CVE-2008-1189", "CVE-2008-1186", "CVE-2008-1185", "CVE-2008-1196", "CVE-2008-1190", "CVE-2008-1187", "CVE-2008-1188", "CVE-2008-1192"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65368", "href": "http://plugins.openvas.org/nasl.php?oid=65368", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5023078.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Java2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2-jre\n java2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023078 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65368);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-1158\", \"CVE-2008-1186\", \"CVE-2008-1185\", \"CVE-2008-1187\", \"CVE-2008-1189\", \"CVE-2008-1188\", \"CVE-2008-1190\", \"CVE-2008-1191\", \"CVE-2008-1192\", \"CVE-2008-1195\", \"CVE-2008-1196\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Java2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"java2-jre\", rpm:\"java2-jre~1.4.2~129.40\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:14", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java-1_4_2-ibm\n java-1_4_2-ibm-devel\n java-1_4_2-ibm-jdbc\n java-1_4_2-ibm-plugin\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for IBM Java 1.4.2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3698", "CVE-2008-1195", "CVE-2007-5238", "CVE-2007-5232", "CVE-2007-5240", "CVE-2008-1189", "CVE-2008-1196", "CVE-2007-5236", "CVE-2008-1190", "CVE-2007-5273", "CVE-2008-1187", "CVE-2007-5239", "CVE-2007-4381", "CVE-2007-5274", "CVE-2008-1192"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065988", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065988", "sourceData": "#\n#VID slesp1-java-1_4_2-ibm-5182\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for IBM Java 1.4.2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java-1_4_2-ibm\n java-1_4_2-ibm-devel\n java-1_4_2-ibm-jdbc\n java-1_4_2-ibm-plugin\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65988\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-1196\", \"CVE-2008-1195\", \"CVE-2008-1192\", \"CVE-2008-1190\", \"CVE-2008-1189\", \"CVE-2008-1187\", \"CVE-2007-5232\", \"CVE-2007-5274\", \"CVE-2007-5273\", \"CVE-2007-5236\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-4381\", \"CVE-2007-3698\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for IBM Java 1.4.2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"java-1_4_2-ibm\", rpm:\"java-1_4_2-ibm~1.4.2_sr10~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_4_2-ibm-devel\", rpm:\"java-1_4_2-ibm-devel~1.4.2_sr10~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_4_2-ibm-jdbc\", rpm:\"java-1_4_2-ibm-jdbc~1.4.2_sr10~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"java-1_4_2-ibm-plugin\", rpm:\"java-1_4_2-ibm-plugin~1.4.2_sr10~0.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:31", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n IBMJava5-SDK\n IBMJava5-JRE\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for IBM Java 5 and JRE", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3698", "CVE-2008-1195", "CVE-2007-5238", "CVE-2007-5232", "CVE-2007-5240", "CVE-2008-1189", "CVE-2008-1196", "CVE-2007-5236", "CVE-2008-1190", "CVE-2007-5273", "CVE-2008-1187", "CVE-2007-5239", "CVE-2007-4381", "CVE-2007-5274", "CVE-2008-1192"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065295", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065295", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5023460.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for IBM Java 5 and JRE\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n IBMJava5-SDK\n IBMJava5-JRE\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65295\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-1196\", \"CVE-2008-1195\", \"CVE-2008-1192\", \"CVE-2008-1190\", \"CVE-2008-1189\", \"CVE-2008-1187\", \"CVE-2007-5232\", \"CVE-2007-5274\", \"CVE-2007-5273\", \"CVE-2007-5236\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-2007-4381\", \"CVE-2007-3698\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for IBM Java 5 and JRE\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"IBMJava5-SDK\", rpm:\"IBMJava5-SDK~1.5.0~0.22\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:18", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n IBMJava5-SDK\n IBMJava5-JRE\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for IBM Java 5 and JRE", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-3698", "CVE-2008-1195", "CVE-2007-5238", "CVE-2007-5232", "CVE-2007-5240", "CVE-2008-1189", "CVE-2008-1196", "CVE-2007-5236", "CVE-2008-1190", "CVE-2007-5273", "CVE-2008-1187", "CVE-2007-5239", "CVE-2007-4381", "CVE-2007-5274", "CVE-2008-1192"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65295", "href": "http://plugins.openvas.org/nasl.php?oid=65295", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5023460.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for IBM Java 5 and JRE\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n IBMJava5-SDK\n IBMJava5-JRE\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5023460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65295);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-1196\", \"CVE-2008-1195\", \"CVE-2008-1192\", \"CVE-2008-1190\", \"CVE-2008-1189\", \"CVE-2008-1187\", \"CVE-2007-5232\", \"CVE-2007-5274\", \"CVE-2007-5273\", \"CVE-2007-5236\", \"CVE-2007-5238\", \"CVE-2007-5239\", \"CVE-2007-5240\", \"CVE-20

Sun JDK/JRE: Multiple vulnerabilities

Description

Affected Package

Related