Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2024 Tenable Network Security, Inc.REDHAT-RHSA-2011-0880.NASL
HistoryJan 24, 2013 - 12:00 a.m.

RHEL 5 : Red Hat Network Satellite server IBM Java Runtime (RHSA-2011:0880)

2013-01-2400:00:00
This script is Copyright (C) 2013-2024 Tenable Network Security, Inc.
www.tenable.com
16

7.5 High

AI Score

Confidence

Low

JSON

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0880 advisory.

  • TLS: MITM attacks via session renegotiation (CVE-2009-3555)

  • krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005) (CVE-2010-1321)

  • OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004) (CVE-2010-3541, CVE-2010-3573)

  • OpenJDK DNS server IP address information leak (6957564) (CVE-2010-3548)

  • OpenJDK HttpURLConnection request splitting (6952017) (CVE-2010-3549)

  • JDK unspecified vulnerability in Java Web Start component (CVE-2010-3550, CVE-2010-3558)

  • OpenJDK local network address disclosure (6952603) (CVE-2010-3551)

  • OpenJDK Swing unsafe reflection usage (6622002) (CVE-2010-3553)

  • JDK unspecified vulnerability in Deployment component (CVE-2010-3555, CVE-2010-4422, CVE-2010-4447, CVE-2010-4452, CVE-2010-4463, CVE-2010-4466, CVE-2010-4467, CVE-2010-4475)

  • JDK unspecified vulnerability in 2D component (CVE-2010-3556, CVE-2010-3571)

  • OpenJDK Swing mutable static (6938813) (CVE-2010-3557)

  • JDK unspecified vulnerability in Networking component (CVE-2010-3560)

  • OpenJDK IndexColorModel double-free (6925710) (CVE-2010-3562)

  • OpenJDK: unspecified vulnerability in Deployment component (CVE-2010-3563)

  • OpenJDK JPEG writeImage remote code execution (6963023) (CVE-2010-3565)

  • OpenJDK ICC Profile remote code execution (6963489) (CVE-2010-3566)

  • OpenJDK Deserialization Race condition (6559775) (CVE-2010-3568)

  • OpenJDK Serialization inconsistencies (6966692) (CVE-2010-3569)

  • JDK unspecified vulnerability in Sound component (CVE-2010-3572, CVE-2010-4454, CVE-2010-4462, CVE-2010-4473)

  • OpenJDK HttpURLConnection incomplete TRACE permission check (6981426) (CVE-2010-3574)

  • OpenJDK DNS cache poisoning by untrusted applets (6981922) (CVE-2010-4448)

  • OpenJDK Swing timer-based security manager bypass (6907662) (CVE-2010-4465)

  • JDK unspecified vulnerability in JDBC component (CVE-2010-4468)

  • OpenJDK Java2D font-related system property leak (6985453) (CVE-2010-4471)

  • JDK Double.parseDouble Denial-Of-Service (CVE-2010-4476)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2011:0880. The text 
# itself is copyright (C) Red Hat, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(63983);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/21");

  script_cve_id(
    "CVE-2009-3555",
    "CVE-2010-1321",
    "CVE-2010-3541",
    "CVE-2010-3548",
    "CVE-2010-3549",
    "CVE-2010-3550",
    "CVE-2010-3551",
    "CVE-2010-3553",
    "CVE-2010-3555",
    "CVE-2010-3556",
    "CVE-2010-3557",
    "CVE-2010-3558",
    "CVE-2010-3560",
    "CVE-2010-3562",
    "CVE-2010-3563",
    "CVE-2010-3565",
    "CVE-2010-3566",
    "CVE-2010-3568",
    "CVE-2010-3569",
    "CVE-2010-3571",
    "CVE-2010-3572",
    "CVE-2010-3573",
    "CVE-2010-3574",
    "CVE-2010-4422",
    "CVE-2010-4447",
    "CVE-2010-4448",
    "CVE-2010-4452",
    "CVE-2010-4454",
    "CVE-2010-4462",
    "CVE-2010-4463",
    "CVE-2010-4465",
    "CVE-2010-4466",
    "CVE-2010-4467",
    "CVE-2010-4468",
    "CVE-2010-4471",
    "CVE-2010-4473",
    "CVE-2010-4475",
    "CVE-2010-4476"
  );
  script_bugtraq_id(
    43965,
    43971,
    43979,
    43985,
    43988,
    43999,
    44009,
    44011,
    44012,
    44014,
    44016,
    44017,
    44021,
    44024,
    44027,
    44028,
    44030,
    44032,
    44035,
    44038,
    44040,
    46091,
    46386,
    46388,
    46391,
    46393,
    46394,
    46395,
    46398,
    46399,
    46402,
    46403,
    46406,
    46409,
    46410,
    46411
  );
  script_xref(name:"RHSA", value:"2011:0880");

  script_name(english:"RHEL 5 : Red Hat Network Satellite server IBM Java Runtime (RHSA-2011:0880)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for Red Hat Network Satellite server IBM Java Runtime.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2011:0880 advisory.

  - TLS: MITM attacks via session renegotiation (CVE-2009-3555)

  - krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005) (CVE-2010-1321)

  - OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004) (CVE-2010-3541,
    CVE-2010-3573)

  - OpenJDK DNS server IP address information leak (6957564) (CVE-2010-3548)

  - OpenJDK HttpURLConnection request splitting (6952017) (CVE-2010-3549)

  - JDK unspecified vulnerability in Java Web Start component (CVE-2010-3550, CVE-2010-3558)

  - OpenJDK local network address disclosure (6952603) (CVE-2010-3551)

  - OpenJDK Swing unsafe reflection usage (6622002) (CVE-2010-3553)

  - JDK unspecified vulnerability in Deployment component (CVE-2010-3555, CVE-2010-4422, CVE-2010-4447,
    CVE-2010-4452, CVE-2010-4463, CVE-2010-4466, CVE-2010-4467, CVE-2010-4475)

  - JDK unspecified vulnerability in 2D component (CVE-2010-3556, CVE-2010-3571)

  - OpenJDK Swing mutable static (6938813) (CVE-2010-3557)

  - JDK unspecified vulnerability in Networking component (CVE-2010-3560)

  - OpenJDK IndexColorModel double-free (6925710) (CVE-2010-3562)

  - OpenJDK: unspecified vulnerability in Deployment component (CVE-2010-3563)

  - OpenJDK JPEG writeImage remote code execution (6963023) (CVE-2010-3565)

  - OpenJDK ICC Profile remote code execution (6963489) (CVE-2010-3566)

  - OpenJDK Deserialization Race condition (6559775) (CVE-2010-3568)

  - OpenJDK Serialization inconsistencies (6966692) (CVE-2010-3569)

  - JDK unspecified vulnerability in Sound component (CVE-2010-3572, CVE-2010-4454, CVE-2010-4462,
    CVE-2010-4473)

  - OpenJDK HttpURLConnection incomplete TRACE permission check (6981426) (CVE-2010-3574)

  - OpenJDK DNS cache poisoning by untrusted applets (6981922) (CVE-2010-4448)

  - OpenJDK Swing timer-based security manager bypass  (6907662) (CVE-2010-4465)

  - JDK unspecified vulnerability in JDBC component (CVE-2010-4468)

  - OpenJDK Java2D font-related system property leak (6985453) (CVE-2010-4471)

  - JDK Double.parseDouble Denial-Of-Service (CVE-2010-4476)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"http://www.ibm.com/developerworks/java/jdk/alerts/");
  # https://access.redhat.com/security/data/csaf/v2/advisories/2011/rhsa-2011_0880.json
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fceae64d");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2011:0880");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#low");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=533125");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=582466");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=639876");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=639897");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=639904");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=639909");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=639920");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=639922");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=639925");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642167");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642180");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642187");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642202");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642215");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642558");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642559");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642573");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642576");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642585");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642589");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642593");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=642611");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=674336");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=675984");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=676019");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=676023");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=677957");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=677958");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=677959");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=677960");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=677961");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=677963");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=677966");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=677967");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=677968");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=677970");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=677971");
  script_set_attribute(attribute:"solution", value:
"Update the RHEL Red Hat Network Satellite server IBM Java Runtime package based on the guidance in RHSA-2011:0880.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2010-4473");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2009-3555");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Sun Java Applet2ClassLoader Remote Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");
  script_cwe_id(300, 476);
  script_set_attribute(attribute:"vendor_severity", value:"Low");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/06/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2024 Tenable Network Security, Inc.");

  script_dependencies("redhat_repos.nasl", "ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');
include('rhel.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '5')) audit(AUDIT_OS_NOT, 'Red Hat 5.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

var constraints = [
  {
    'repo_relative_urls': [
      'content/dist/rhel/server/5/5Server/i386/satellite/5.4/os',
      'content/dist/rhel/server/5/5Server/i386/satellite/5.4/source/SRPMS',
      'content/dist/rhel/server/5/5Server/x86_64/satellite/5.4/os',
      'content/dist/rhel/server/5/5Server/x86_64/satellite/5.4/source/SRPMS',
      'content/dist/rhel/system-z/5/5Server/s390x/satellite/5.4/os',
      'content/dist/rhel/system-z/5/5Server/s390x/satellite/5.4/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'java-1.6.0-ibm-1.6.0.9.1-1jpp.1.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-ibm-1.6.0.9.1-1jpp.1.el5', 'cpu':'s390x', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-ibm-1.6.0.9.1-1jpp.1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-ibm-devel-1.6.0.9.1-1jpp.1.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-ibm-devel-1.6.0.9.1-1jpp.1.el5', 'cpu':'s390x', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
      {'reference':'java-1.6.0-ibm-devel-1.6.0.9.1-1jpp.1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}
    ]
  }
];

var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);

var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
  foreach var pkg ( constraint_array['pkgs'] ) {
    var reference = NULL;
    var _release = NULL;
    var sp = NULL;
    var _cpu = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var epoch = NULL;
    var allowmaj = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        _release &&
        rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
        (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
        rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  var extra = NULL;
  if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
  else extra = rpm_report_get();
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : extra
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.6.0-ibm / java-1.6.0-ibm-devel');
}
VendorProductVersionCPE
redhatenterprise_linuxjava-1.6.0-ibmp-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm
redhatenterprise_linuxjava-1.6.0-ibm-develp-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-devel
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5

References

Related

redhat 17
suse 6
nessus 79
openvas 52
cisco 1
oraclelinux 1
fedora 5
ubuntu 4
centos 1
securityvulns 1
vmware 2
prion 7
ubuntucve 7
cve 8
gentoo 1
debian 1
veracode 4
saint 1
canvas 1
redhat
redhat
(RHSA-2011:0880) Low: Red Hat Network Satellite server IBM Java Runtime security update
2011-06-16 00:00:00
(RHSA-2010:0987) Critical: java-1.6.0-ibm security and bug fix update
2010-12-15 00:00:00
(RHSA-2011:0357) Critical: java-1.6.0-ibm security update
2011-03-16 00:00:00
suse
suse
remote code execution in java-1_6_0-ibm,java-1_5_0-ibm,java-1_4_2-ibm
2011-03-22 13:32:34
remote code execution in java-1_4_2-ibm,IBMJava2-JRE
2010-12-17 11:21:31
remote code execution in java-1_6_0-ibm
2011-01-25 17:16:52
nessus
nessus
SuSE 11.1 Security Update : IBM Java (SAT Patch Number 4109)
2011-03-22 00:00:00
RHEL 4 / 5 / 6 : java-1.6.0-ibm (RHSA-2010:0987)
2010-12-16 00:00:00
RHEL 4 / 5 / 6 : java-1.6.0-ibm (RHSA-2011:0357)
2011-03-17 00:00:00
openvas
openvas
HP-UX Update for Java HPSBUX02685
2011-06-06 00:00:00
Oracle Java SE Multiple Unspecified Vulnerabilities - Windows
2011-02-28 00:00:00
HP-UX Update for Java HPSBUX02685
2011-06-06 00:00:00
cisco
cisco
MIT Kerberos GSS-API Library Remote Denial of Service Vulnerability
2010-05-19 15:40:37
oraclelinux
oraclelinux
java-1.6.0-openjdk security and bug fix update
2010-10-13 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: java-1.6.0-openjdk-1.6.0.0-41.1.8.2.fc12
2010-10-21 06:04:44
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-43.1.8.2.fc13
2010-10-19 07:04:11
[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-44.1.9.1.fc14
2010-10-18 05:38:07
ubuntu
ubuntu
OpenJDK vulnerabilities
2010-10-28 00:00:00
OpenJDK 6 vulnerabilities
2011-03-17 00:00:00
OpenJDK 6 vulnerabilities
2011-03-15 00:00:00
centos
centos
java security update
2010-10-14 10:59:21
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities / OpenJDK
2011-02-17 00:00:00
vmware
vmware
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
prion
prion
Design/Logic Flaw
2011-02-17 19:00:00
Design/Logic Flaw
2011-02-17 19:00:00
Design/Logic Flaw
2011-02-17 19:00:00
ubuntucve
ubuntucve
CVE-2010-4473
2011-02-17 00:00:00
CVE-2010-4462
2011-02-17 00:00:00
CVE-2010-4454
2011-02-17 00:00:00
cve
cve
CVE-2010-4454
2011-02-17 19:00:00
CVE-2010-4462
2011-02-17 19:00:00
CVE-2010-4473
2011-02-17 19:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2011-11-05 00:00:00
debian
debian
[SECURITY] [DSA 2161-2] OpenJDK security update
2011-02-14 20:05:54
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:57:57
Denial Of Service (DoS)
2020-04-10 00:57:56
Privilege Escalation
2020-04-10 00:57:54
saint
saint
Oracle Java Applet2ClassLoader Vulnerability
2011-05-05 00:00:00
canvas
canvas
Immunity Canvas: CVE_2010_4452
2011-02-17 19:00:00

7.5 High

AI Score

Confidence

Low

JSON
Related for REDHAT-RHSA-2011-0880.NASL
redhat17suse6nessus79openvas52cisco1oraclelinux1fedora5ubuntu4centos1securityvulns1vmware2prion7ubuntucve7cve8gentoo1debian1veracode4saint1canvas1