Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2010-0337.NASL
HistoryMay 11, 2010 - 12:00 a.m.

RHEL 5 : java-1.6.0-sun (RHSA-2010:0337)

2010-05-1100:00:00
This script is Copyright (C) 2010-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
34

7.9 High

AI Score

Confidence

Low

JSON

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0337 advisory.

  • TLS: MITM attacks via session renegotiation (CVE-2009-3555)

  • OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217) (CVE-2010-0082)

  • OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872) (CVE-2010-0084)

  • OpenJDK File TOCTOU deserialization vulnerability (6736390) (CVE-2010-0085)

  • JDK unspecified vulnerability in JWS/Plugin component (CVE-2010-0087)

  • OpenJDK Inflater/Deflater clone issues (6745393) (CVE-2010-0088)

  • JDK unspecified vulnerability in JavaWS/Plugin component (CVE-2010-0089, CVE-2010-0090)

  • OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703) (CVE-2010-0091)

  • OpenJDK AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149) (CVE-2010-0092)

  • OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265) (CVE-2010-0093)

  • OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947) (CVE-2010-0094)

  • OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954) (CVE-2010-0095)

  • OpenJDK JAR unpack200 must verify input parameters (6902299) (CVE-2010-0837)

  • OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653) (CVE-2010-0838)

  • JDK multiple unspecified vulnerabilities (CVE-2010-0839, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844)

  • OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691) (CVE-2010-0840)

  • OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597) (CVE-2010-0841)

  • OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807) (CVE-2010-0845)

  • JDK unspecified vulnerability in ImageIO component (CVE-2010-0846)

  • OpenJDK ImagingLib arbitrary code execution vulnerability (6914866) (CVE-2010-0847)

  • OpenJDK AWT Library Invalid Index Vulnerability (6914823) (CVE-2010-0848)

  • JDK unspecified vulnerability in Java2D component (CVE-2010-0849)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2010:0337. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(46293);
  script_version("1.39");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/21");

  script_cve_id(
    "CVE-2009-3555",
    "CVE-2010-0082",
    "CVE-2010-0084",
    "CVE-2010-0085",
    "CVE-2010-0087",
    "CVE-2010-0088",
    "CVE-2010-0089",
    "CVE-2010-0090",
    "CVE-2010-0091",
    "CVE-2010-0092",
    "CVE-2010-0093",
    "CVE-2010-0094",
    "CVE-2010-0095",
    "CVE-2010-0837",
    "CVE-2010-0838",
    "CVE-2010-0839",
    "CVE-2010-0840",
    "CVE-2010-0841",
    "CVE-2010-0842",
    "CVE-2010-0843",
    "CVE-2010-0844",
    "CVE-2010-0845",
    "CVE-2010-0846",
    "CVE-2010-0847",
    "CVE-2010-0848",
    "CVE-2010-0849"
  );
  script_bugtraq_id(
    36935,
    39062,
    39065,
    39067,
    39068,
    39069,
    39070,
    39071,
    39072,
    39073,
    39075,
    39077,
    39078,
    39081,
    39083,
    39084,
    39085,
    39086,
    39088,
    39089,
    39090,
    39091,
    39093,
    39094,
    39095,
    39096
  );
  script_xref(name:"RHSA", value:"2010:0337");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/15");

  script_name(english:"RHEL 5 : java-1.6.0-sun (RHSA-2010:0337)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for java-1.6.0-sun.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2010:0337 advisory.

  - TLS: MITM attacks via session renegotiation (CVE-2009-3555)

  - OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217) (CVE-2010-0082)

  - OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872) (CVE-2010-0084)

  - OpenJDK File TOCTOU deserialization vulnerability (6736390) (CVE-2010-0085)

  - JDK unspecified vulnerability in JWS/Plugin component (CVE-2010-0087)

  - OpenJDK Inflater/Deflater clone issues (6745393) (CVE-2010-0088)

  - JDK unspecified vulnerability in JavaWS/Plugin component (CVE-2010-0089, CVE-2010-0090)

  - OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)
    (CVE-2010-0091)

  - OpenJDK AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149) (CVE-2010-0092)

  - OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)
    (CVE-2010-0093)

  - OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)
    (CVE-2010-0094)

  - OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954) (CVE-2010-0095)

  - OpenJDK JAR unpack200 must verify input parameters (6902299) (CVE-2010-0837)

  - OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653) (CVE-2010-0838)

  - JDK multiple unspecified vulnerabilities (CVE-2010-0839, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844)

  - OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691) (CVE-2010-0840)

  - OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597) (CVE-2010-0841)

  - OpenJDK  No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)
    (CVE-2010-0845)

  - JDK unspecified vulnerability in ImageIO component (CVE-2010-0846)

  - OpenJDK ImagingLib arbitrary code execution vulnerability (6914866) (CVE-2010-0847)

  - OpenJDK AWT Library Invalid Index Vulnerability (6914823) (CVE-2010-0848)

  - JDK unspecified vulnerability in Java2D component (CVE-2010-0849)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"http://kbase.redhat.com/faq/docs/DOC-20491");
  # https://access.redhat.com/security/data/csaf/v2/advisories/2010/rhsa-2010_0337.json
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6dbc9390");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#critical");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=533125");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575736");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575740");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575747");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575755");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575756");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575760");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575764");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575769");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575772");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575775");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575808");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575818");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575846");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575854");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575865");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=575871");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=578430");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=578432");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=578433");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=578436");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=578437");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=578440");
  # http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b93c78e2");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2010:0337");
  script_set_attribute(attribute:"solution", value:
"Update the RHEL java-1.6.0-sun package based on the guidance in RHSA-2010:0337.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2010-0849");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2009-3555");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Java MixerSequencer Object GM_Song Structure Handling Vulnerability');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");
  script_cwe_id(190, 300, 367);
  script_set_attribute(attribute:"vendor_severity", value:"Critical");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/11/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/03/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/05/11");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun-jdbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun-plugin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun-src");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2010-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("redhat_repos.nasl", "ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');
include('rhel.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '5')) audit(AUDIT_OS_NOT, 'Red Hat 5.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

var constraints = [
  {
    'repo_relative_urls': [
      'content/dist/rhel/client/5/5Client/x86_64/supplementary/debug',
      'content/dist/rhel/client/5/5Client/x86_64/supplementary/os',
      'content/dist/rhel/client/5/5Client/x86_64/supplementary/source/SRPMS',
      'content/dist/rhel/server/5/5Server/x86_64/supplementary/debug',
      'content/dist/rhel/server/5/5Server/x86_64/supplementary/os',
      'content/dist/rhel/server/5/5Server/x86_64/supplementary/source/SRPMS',
      'content/dist/rhel/workstation/5/5Client/x86_64/supplementary/debug',
      'content/dist/rhel/workstation/5/5Client/x86_64/supplementary/os',
      'content/dist/rhel/workstation/5/5Client/x86_64/supplementary/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'java-1.6.0-sun-1.6.0.19-1jpp.1.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-sun-1.6.0.19-1jpp.1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-sun-demo-1.6.0.19-1jpp.1.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-sun-demo-1.6.0.19-1jpp.1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-sun-devel-1.6.0.19-1jpp.1.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-sun-devel-1.6.0.19-1jpp.1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-sun-jdbc-1.6.0.19-1jpp.1.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-sun-jdbc-1.6.0.19-1jpp.1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-sun-plugin-1.6.0.19-1jpp.1.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-sun-plugin-1.6.0.19-1jpp.1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-sun-src-1.6.0.19-1jpp.1.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-sun-src-1.6.0.19-1jpp.1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}
    ]
  }
];

var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);

var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
  foreach var pkg ( constraint_array['pkgs'] ) {
    var reference = NULL;
    var _release = NULL;
    var sp = NULL;
    var _cpu = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var epoch = NULL;
    var allowmaj = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        _release &&
        rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
        (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
        rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  var extra = NULL;
  if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
  else extra = rpm_report_get();
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : extra
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.6.0-sun / java-1.6.0-sun-demo / java-1.6.0-sun-devel / etc');
}
VendorProductVersionCPE
redhatenterprise_linuxjava-1.6.0-sunp-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun
redhatenterprise_linuxjava-1.6.0-sun-demop-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun-demo
redhatenterprise_linuxjava-1.6.0-sun-develp-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun-devel
redhatenterprise_linuxjava-1.6.0-sun-jdbcp-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun-jdbc
redhatenterprise_linuxjava-1.6.0-sun-pluginp-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun-plugin
redhatenterprise_linuxjava-1.6.0-sun-srcp-cpe:/a:redhat:enterprise_linux:java-1.6.0-sun-src
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5

References

Related

openvas 28
nessus 37
redhat 9
suse 2
gentoo 1
fedora 3
securityvulns 11
oraclelinux 1
ubuntu 1
centos 1
ubuntucve 20
prion 19
cve 19
checkpoint_advisories 3
oracle 1
veracode 19
cert 1
zdi 8
saint 10
seebug 1
packetstorm 1
canvas 1
symantec 1
metasploit 1
openvas
openvas
HP-UX Update for Java HPSBUX02524
2010-06-07 00:00:00
Oracle Java SE Multiple Vulnerabilities (Windows)
2010-04-07 00:00:00
Oracle Java SE Multiple Vulnerabilities - Windows
2010-04-07 00:00:00
nessus
nessus
Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 4 / 5 : IBM Java Runtime in Satellite Server (RHSA-2010:0471)
2010-06-15 00:00:00
SuSE 11.1 Security Update : IBM Java 6 (SAT Patch Number 2553)
2011-01-21 00:00:00
redhat
redhat
(RHSA-2010:0383) Critical: java-1.6.0-ibm security update
2010-04-29 00:00:00
(RHSA-2010:0338) Critical: java-1.5.0-sun security update
2010-03-31 00:00:00
(RHSA-2010:0337) Critical: java-1.6.0-sun security update
2010-03-31 00:00:00
suse
suse
remote code execution in java-1_5_0-ibm
2010-07-06 17:26:45
remote code execution in java-1_6_0-ibm
2010-07-01 17:43:53
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2010-06-04 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: java-1.6.0-openjdk-1.6.0.0-34.b17.fc11
2010-04-09 01:32:00
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-37.b17.fc13
2010-04-09 21:05:39
[SECURITY] Fedora 12 Update: java-1.6.0-openjdk-1.6.0.0-37.b17.fc12
2010-04-09 01:28:22
securityvulns
securityvulns
[USN-923-1] OpenJDK vulnerabilities
2010-04-07 00:00:00
Oracle Sun Java multiple security vulnerabilities
2010-04-07 00:00:00
[security bulletin] HPSBMA02547 SSRT100179 rev.1 - HP Systems Insight Manager &#40;SIM&#41; for HP-UX, Linux, and Windows, Remote Execution of Arbitrary Code and Other Vulnerabilities
2010-07-18 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2010-04-08 00:00:00
ubuntu
ubuntu
OpenJDK vulnerabilities
2010-04-07 00:00:00
centos
centos
java security update
2010-06-12 15:56:24
ubuntucve
ubuntucve
CVE-2010-0088
2010-04-01 00:00:00
CVE-2010-0084
2010-04-01 00:00:00
CVE-2010-0085
2010-04-01 00:00:00
prion
prion
Design/Logic Flaw
2010-04-01 16:30:00
Design/Logic Flaw
2010-04-01 16:30:00
Design/Logic Flaw
2010-04-01 16:30:00
cve
cve
CVE-2010-0084
2010-04-01 16:30:00
CVE-2010-0091
2010-04-01 16:30:00
CVE-2010-0093
2010-04-01 16:30:00
checkpoint_advisories
checkpoint_advisories
Java Signed Applet (CVE-2008-5353; CVE-2010-0094; CVE-2010-0840)
2011-11-01 00:00:00
Oracle Java SE MixerSequencer Object GM_Song Remote Code Execution (CVE-2010-0842)
2017-10-03 00:00:00
Oracle Java Soundbank Resource Name Stack Buffer Overflow (CVE-2010-0839)
2010-05-26 00:00:00
oracle
oracle
Security | Oracle Critical Patch Update - July 2010
2010-07-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:45:50
Privilege Escalation
2020-04-10 00:45:50
Access Restriction Bypass
2020-04-10 00:47:59
cert
cert
Oracle Sun Java fails to properly validate Java applet signatures
2010-04-02 00:00:00
zdi
zdi
Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability
2010-04-05 00:00:00
Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability
2010-04-05 00:00:00
Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability
2010-04-05 00:00:00
saint
saint
Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow
2010-04-22 00:00:00
Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow
2010-04-22 00:00:00
Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow
2010-04-22 00:00:00
seebug
seebug
Java RMIConnectionImpl Deserialization Privilege Escalation Exploit
2014-07-01 00:00:00
packetstorm
packetstorm
Java RMIConnectionImpl Deserialization Privilege Escalation Exploit
2010-09-09 00:00:00
canvas
canvas
Immunity Canvas: JAVA_DESERIALIZE2
2010-04-01 16:30:00
symantec
symantec
Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability
2010-03-30 00:00:00
metasploit
metasploit
Java RMIConnectionImpl Deserialization Privilege Escalation
2010-09-08 08:20:55

7.9 High

AI Score

Confidence

Low

JSON
Related for REDHAT-RHSA-2010-0337.NASL
openvas28nessus37redhat9suse2gentoo1fedora3securityvulns11oraclelinux1ubuntu1centos1ubuntucve20prion19cve19checkpoint_advisories3oracle1veracode19cert1zdi8saint10seebug1packetstorm1canvas1symantec1metasploit1