{"id": "OPENVAS:1361412562310812039", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle Java SE Security Updates (oct2017-3236626) 04 - Windows", "description": "The host is installed with Oracle Java SE\n and is prone to multiple vulnerabilities.", "published": "2017-10-18T00:00:00", "modified": "2019-05-17T00:00:00", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812039", "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "references": ["http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"], "cvelist": ["CVE-2017-10350", "CVE-2016-10165"], "lastseen": "2019-05-29T18:34:54", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-10350", "CVE-2016-10165"]}, {"type": "f5", "idList": ["F5:K13500115"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310851646", "OPENVAS:1361412562310703774", "OPENVAS:1361412562310843704", "OPENVAS:1361412562311220192601", "OPENVAS:1361412562311220192163", "OPENVAS:1361412562311220192401", "OPENVAS:1361412562310108381", "OPENVAS:1361412562311220201211", "OPENVAS:703774", "OPENVAS:1361412562311220201492"]}, {"type": "nessus", "idList": ["EULEROS_SA-2019-2401.NASL", "EULEROS_SA-2019-2601.NASL", "UBUNTU_USN-3770-1.NASL", "EULEROS_SA-2020-1492.NASL", "SUSE_SU-2018-3545-1.NASL", "REDHAT-RHSA-2016-2658.NASL", "DEBIAN_DSA-3774.NASL", "DEBIAN_DLA-803.NASL", "EULEROS_SA-2020-1211.NASL", "EULEROS_SA-2019-2163.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DLA-803-1:F1E73", "DEBIAN:DSA-3774-1:C8935", "DEBIAN:DSA-4015-1:4398C", "DEBIAN:DLA-1187-1:57EAE", "DEBIAN:DSA-4048-1:C97BF"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:AFE5A77EBE4E39A2F02201C20DDD401B"]}, {"type": "ubuntu", "idList": ["USN-3770-2", "USN-3770-1", "USN-3473-1", "USN-3497-1"]}, {"type": "centos", "idList": ["CESA-2016:2658", "CESA-2017:3392", "CESA-2016:2079", "CESA-2017:2998"]}, {"type": "redhat", "idList": ["RHSA-2017:3264", "RHSA-2017:3046", "RHSA-2017:2998", "RHSA-2016:2658", "RHSA-2017:2999", "RHSA-2017:3267", "RHSA-2017:3268", "RHSA-2016:2079"]}, {"type": "suse", "idList": ["SUSE-SU-2017:3411-1", "OPENSUSE-SU-2017:2998-1", "SUSE-SU-2017:3440-1", "SUSE-SU-2017:3455-1", "SUSE-SU-2017:2989-1", "SUSE-SU-2017:3369-1", "SUSE-SU-2018:0061-1"]}, {"type": "aix", "idList": ["JAVA_OCT2017_ADVISORY.ASC"]}, {"type": "amazon", "idList": ["ALAS-2017-917"]}, {"type": "gentoo", "idList": ["GLSA-201711-14"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-2998", "ELSA-2017-3392"]}], "modified": "2019-05-29T18:34:54", "rev": 2}, "score": {"value": 7.6, "vector": "NONE", "modified": "2019-05-29T18:34:54", "rev": 2}, "vulnersScore": 7.6}, "pluginID": "1361412562310812039", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle Java SE Security Updates (oct2017-3236626) 04 - Windows\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:jre\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812039\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2016-10165\", \"CVE-2017-10350\");\n script_bugtraq_id(101341, 95808);\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-10-18 13:04:32 +0530 (Wed, 18 Oct 2017)\");\n script_name(\"Oracle Java SE Security Updates (oct2017-3236626) 04 - Windows\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Oracle Java SE\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to a flaw in\n 'JAX-WS' component of the application.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n will allow attackers to partially access data and cause a partial denial of\n service conditions.\");\n\n script_tag(name:\"affected\", value:\"Oracle Java SE version 1.7.0.151 and earlier,\n 1.8.0.144 and earlier, 9.0 on Windows\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_java_prdts_detect_portable_win.nasl\");\n script_mandatory_keys(\"Sun/Java/JRE/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^((1\\.(7|8))|9)\")\n{\n if(version_in_range(version:vers, test_version:\"1.7.0\", test_version2:\"1.7.0.151\") ||\n version_in_range(version:vers, test_version:\"1.8.0\", test_version2:\"1.8.0.144\") ||\n vers == \"9.0\")\n {\n report = report_fixed_ver(installed_version:vers, fixed_version: \"Apply the patch\", install_path:path);\n security_message(data:report);\n exit(0);\n }\n}\nexit(0);\n", "naslFamily": "General"}

{"cve": [{"lastseen": "2020-10-03T12:10:39", "description": "The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.2}, "published": "2017-02-03T19:59:00", "title": "CVE-2016-10165", "type": "cve", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10165"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:opensuse:leap:42.1", "cpe:/a:littlecms:little_cms_color_engine:*"], "id": "CVE-2016-10165", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10165", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:littlecms:little_cms_color_engine:*:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T13:07:31", "description": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2017-10-19T17:29:00", "title": "CVE-2017-10350", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10350"], "modified": "2020-09-08T12:59:00", "cpe": ["cpe:/a:oracle:jre:1.9.0", "cpe:/a:oracle:jre:1.8.0", "cpe:/a:oracle:jdk:1.7.0", "cpe:/a:oracle:jre:1.7.0", "cpe:/a:oracle:jdk:1.9.0", "cpe:/a:oracle:jdk:1.8.0"], "id": "CVE-2017-10350", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10350", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.7.0:update_151:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.8.0:update_144:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2017-09-14T01:58:07", "bulletinFamily": "software", "cvelist": ["CVE-2016-10165"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP AAM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 | Not vulnerable | None \nBIG-IP AFM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 | Not vulnerable | None \nBIG-IP Analytics | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP APM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP ASM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP DNS | None | 13.0.0 \n12.0.0 - 12.1.2 | Not vulnerable | None \nBIG-IP Edge Gateway | None | 11.2.1 | Not vulnerable | None \nBIG-IP GTM | None | 11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP Link Controller | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1 | Not vulnerable | None \nBIG-IP PEM | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 | Not vulnerable | None \nBIG-IP PSM | None | 11.4.1 | Not vulnerable | None \nBIG-IP WebAccelerator | None | 11.2.1 | Not vulnerable | None \nBIG-IP WebSafe | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1 | Not vulnerable | None \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.1.1 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.4.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nBIG-IQ Centralized Management | None | 5.0.0 - 5.3.0 \n4.6.0 | Not vulnerable | None \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | Not vulnerable | None \nF5 iWorkflow | None | 2.0.0 - 2.3.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.2 | Not vulnerable | None \nTraffix SDC | None | 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0 | Not vulnerable | None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "edition": 1, "modified": "2017-09-14T01:08:00", "published": "2017-09-14T01:08:00", "href": "https://support.f5.com/csp/article/K13500115", "id": "F5:K13500115", "title": "Little CMS (aka lcms2) vulnerability CVE-2016-10165", "type": "f5", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-05-29T18:34:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-10350", "CVE-2016-10165"], "description": "The host is installed with Oracle Java SE\n and is prone to multiple vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2017-10-18T00:00:00", "id": "OPENVAS:1361412562310108381", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108381", "type": "openvas", "title": "Oracle Java SE Security Updates (oct2017-3236626) 04 - Linux", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle Java SE Security Updates (oct2017-3236626) 04 - Linux\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:jre\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108381\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2016-10165\", \"CVE-2017-10350\");\n script_bugtraq_id(101341, 95808);\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-10-18 13:04:32 +0530 (Wed, 18 Oct 2017)\");\n script_name(\"Oracle Java SE Security Updates (oct2017-3236626) 04 - Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Oracle Java SE\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to a flaw in\n 'JAX-WS' component of the application.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n will allow attackers to partially access data and cause a partial denial of\n service conditions.\");\n\n script_tag(name:\"affected\", value:\"Oracle Java SE version 1.7.0.151 and earlier,\n 1.8.0.144 and earlier, 9.0 on Linux\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_java_prdts_detect_lin.nasl\");\n script_mandatory_keys(\"Sun/Java/JRE/Linux/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(vers =~ \"^((1\\.(7|8))|9)\")\n{\n if(version_in_range(version:vers, test_version:\"1.7.0\", test_version2:\"1.7.0.151\") ||\n version_in_range(version:vers, test_version:\"1.8.0\", test_version2:\"1.8.0.144\") ||\n vers == \"9.0\")\n {\n report = report_fixed_ver(installed_version:vers, fixed_version: \"Apply the patch\", install_path:path);\n security_message(data:report);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2017-07-24T12:58:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "description": "Ibrahim M. El-Sayed discovered an\nout-of-bounds heap read vulnerability in the function Type_MLU_Read in lcms2,\nthe Little CMS 2 color management library, which can be triggered by an image\nwith a specially crafted ICC profile and leading to a heap memory leak or\ndenial-of-service for applications using the lcms2 library.", "modified": "2017-07-07T00:00:00", "published": "2017-01-29T00:00:00", "id": "OPENVAS:703774", "href": "http://plugins.openvas.org/nasl.php?oid=703774", "type": "openvas", "title": "Debian Security Advisory DSA 3774-1 (lcms2 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3774.nasl 6607 2017-07-07 12:04:25Z cfischer $\n# Auto-generated from advisory DSA 3774-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703774);\n script_version(\"$Revision: 6607 $\");\n script_cve_id(\"CVE-2016-10165\");\n script_name(\"Debian Security Advisory DSA 3774-1 (lcms2 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:04:25 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2017-01-29 00:00:00 +0100 (Sun, 29 Jan 2017)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2017/dsa-3774.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"lcms2 on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 2.6-3+deb8u1.\n\nFor the testing distribution (stretch) and the unstable distribution\n(sid), this problem has been fixed in version 2.8-4.\n\nWe recommend that you upgrade your lcms2 packages.\");\n script_tag(name: \"summary\", value: \"Ibrahim M. El-Sayed discovered an\nout-of-bounds heap read vulnerability in the function Type_MLU_Read in lcms2,\nthe Little CMS 2 color management library, which can be triggered by an image\nwith a specially crafted ICC profile and leading to a heap memory leak or\ndenial-of-service for applications using the lcms2 library.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"liblcms2-2:amd64\", ver:\"2.6-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms2-2:i386\", ver:\"2.6-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"liblcms2-dbg:amd64\", ver:\"2.6-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms2-dbg:i386\", ver:\"2.6-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"liblcms2-dev:amd64\", ver:\"2.6-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms2-dev:i386\", ver:\"2.6-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\n\nif ((res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.6-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms2-2:amd64\", ver:\"2.8-4\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms2-2:i386\", ver:\"2.8-4\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms2-dev:amd64\", ver:\"2.8-4\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms2-dev:i386\", ver:\"2.8-4\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.8-4\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-03-14T16:48:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-03-13T00:00:00", "published": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562311220201211", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201211", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2020-1211)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1211\");\n script_version(\"2020-03-13T07:15:01+0000\");\n script_cve_id(\"CVE-2016-10165\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:15:01 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-13 07:15:01 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2020-1211)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1211\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1211\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'lcms2' package(s) announced via the EulerOS-SA-2020-1211 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.(CVE-2016-10165)\");\n\n script_tag(name:\"affected\", value:\"'lcms2' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"lcms2\", rpm:\"lcms2~2.6~3.h2\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-04-17T16:56:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-04-16T00:00:00", "published": "2020-04-16T00:00:00", "id": "OPENVAS:1361412562311220201492", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201492", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2020-1492)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1492\");\n script_version(\"2020-04-16T05:58:31+0000\");\n script_cve_id(\"CVE-2016-10165\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-16 05:58:31 +0000 (Thu, 16 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-16 05:58:31 +0000 (Thu, 16 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2020-1492)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1492\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1492\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'lcms2' package(s) announced via the EulerOS-SA-2020-1492 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.(CVE-2016-10165)\");\n\n script_tag(name:\"affected\", value:\"'lcms2' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"lcms2\", rpm:\"lcms2~2.6~3.h2.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-01-27T18:34:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192601", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192601", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2019-2601)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2601\");\n script_version(\"2020-01-23T13:08:54+0000\");\n script_cve_id(\"CVE-2016-10165\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:08:54 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:08:54 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2019-2601)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2601\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2601\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'lcms2' package(s) announced via the EulerOS-SA-2019-2601 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.(CVE-2016-10165)\");\n\n script_tag(name:\"affected\", value:\"'lcms2' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"lcms2\", rpm:\"lcms2~2.6~3.h2\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-01-27T18:36:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192401", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192401", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2019-2401)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2401\");\n script_version(\"2020-01-23T12:53:27+0000\");\n script_cve_id(\"CVE-2016-10165\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:53:27 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:53:27 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2019-2401)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2401\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2401\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'lcms2' package(s) announced via the EulerOS-SA-2019-2401 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.(CVE-2016-10165)\");\n\n script_tag(name:\"affected\", value:\"'lcms2' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"lcms2\", rpm:\"lcms2~2.6~3.h1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-01-27T18:38:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192163", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192163", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2019-2163)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2163\");\n script_version(\"2020-01-23T12:37:22+0000\");\n script_cve_id(\"CVE-2016-10165\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:37:22 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:37:22 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2019-2163)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2163\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2163\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'lcms2' package(s) announced via the EulerOS-SA-2019-2163 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.(CVE-2016-10165)\");\n\n script_tag(name:\"affected\", value:\"'lcms2' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"lcms2\", rpm:\"lcms2~2.6~3.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "description": "Ibrahim M. El-Sayed discovered an\nout-of-bounds heap read vulnerability in the function Type_MLU_Read in lcms2,\nthe Little CMS 2 color management library, which can be triggered by an image\nwith a specially crafted ICC profile and leading to a heap memory leak or\ndenial-of-service for applications using the lcms2 library.", "modified": "2019-03-18T00:00:00", "published": "2017-01-29T00:00:00", "id": "OPENVAS:1361412562310703774", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703774", "type": "openvas", "title": "Debian Security Advisory DSA 3774-1 (lcms2 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3774.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3774-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703774\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2016-10165\");\n script_name(\"Debian Security Advisory DSA 3774-1 (lcms2 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-29 00:00:00 +0100 (Sun, 29 Jan 2017)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3774.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(8|9)\");\n script_tag(name:\"affected\", value:\"lcms2 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthis problem has been fixed in version 2.6-3+deb8u1.\n\nFor the testing distribution (stretch) and the unstable distribution\n(sid), this problem has been fixed in version 2.8-4.\n\nWe recommend that you upgrade your lcms2 packages.\");\n script_tag(name:\"summary\", value:\"Ibrahim M. El-Sayed discovered an\nout-of-bounds heap read vulnerability in the function Type_MLU_Read in lcms2,\nthe Little CMS 2 color management library, which can be triggered by an image\nwith a specially crafted ICC profile and leading to a heap memory leak or\ndenial-of-service for applications using the lcms2 library.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"liblcms2-2:amd64\", ver:\"2.6-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblcms2-2:i386\", ver:\"2.6-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"liblcms2-dbg:amd64\", ver:\"2.6-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblcms2-dbg:i386\", ver:\"2.6-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"liblcms2-dev:amd64\", ver:\"2.6-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblcms2-dev:i386\", ver:\"2.6-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\n\nif((res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.6-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblcms2-2:amd64\", ver:\"2.8-4\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblcms2-2:i386\", ver:\"2.8-4\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblcms2-dev:amd64\", ver:\"2.8-4\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblcms2-dev:i386\", ver:\"2.8-4\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.8-4\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435", "CVE-2016-10165"], "description": "The remote host is missing an update for the ", "modified": "2019-03-18T00:00:00", "published": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310843704", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843704", "type": "openvas", "title": "Ubuntu Update for lcms2 USN-3770-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3770_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for lcms2 USN-3770-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843704\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2016-10165\", \"CVE-2018-16435\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:08:52 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"Ubuntu Update for lcms2 USN-3770-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|18\\.04 LTS|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3770-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3770-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'lcms2'\n package(s) announced via the USN-3770-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Ibrahim El-Sayed discovered that Little CMS incorrectly handled certain\nfiles. An attacker could possibly use this issue to cause a denial of\nservice. (CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain\nfiles. An attacker could possibly use this issue to execute arbitrary\ncode. (CVE-2018-16435)\");\n\n script_tag(name:\"affected\", value:\"lcms2 on Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-2\", ver:\"2.5-0ubuntu4.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.5-0ubuntu4.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-2\", ver:\"2.9-1ubuntu0.1\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.9-1ubuntu0.1\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-2\", ver:\"2.6-3ubuntu2.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.6-3ubuntu2.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-01-31T18:28:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9840", "CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2016-9842", "CVE-2017-10347", "CVE-2017-10285", "CVE-2016-9843", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2016-10165", "CVE-2016-9841", "CVE-2017-10345"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2017-11-13T00:00:00", "id": "OPENVAS:1361412562310851646", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851646", "type": "openvas", "title": "openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2017:2998-1)", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851646\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-11-13 07:24:54 +0100 (Mon, 13 Nov 2017)\");\n script_cve_id(\"CVE-2016-10165\", \"CVE-2016-9840\", \"CVE-2016-9841\", \"CVE-2016-9842\", \"CVE-2016-9843\", \"CVE-2017-10274\", \"CVE-2017-10281\", \"CVE-2017-10285\", \"CVE-2017-10295\", \"CVE-2017-10345\", \"CVE-2017-10346\", \"CVE-2017-10347\", \"CVE-2017-10348\", \"CVE-2017-10349\", \"CVE-2017-10350\", \"CVE-2017-10355\", \"CVE-2017-10356\", \"CVE-2017-10357\", \"CVE-2017-10388\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2017:2998-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1_8_0-openjdk'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for java-1_8_0-openjdk fixes the following issues:\n\n - Update to version jdk8u151 (icedtea 3.6.0)\n\n Security issues fixed:\n\n - CVE-2017-10274: Handle smartcard clean up better (bsc#1064071)\n\n - CVE-2017-10281: Better queuing priorities (bsc#1064072)\n\n - CVE-2017-10285: Unreferenced references (bsc#1064073)\n\n - CVE-2017-10295: Better URL connections (bsc#1064075)\n\n - CVE-2017-10388: Correct Kerberos ticket grants (bsc#1064086)\n\n - CVE-2017-10346: Better invokespecial checks (bsc#1064078)\n\n - CVE-2017-10350: Better Base Exceptions (bsc#1064082)\n\n - CVE-2017-10347: Better timezone processing (bsc#1064079)\n\n - CVE-2017-10349: Better X processing (bsc#1064081)\n\n - CVE-2017-10345: Better keystore handling (bsc#1064077)\n\n - CVE-2017-10348: Better processing of unresolved permissions (bsc#1064080)\n\n - CVE-2017-10357: Process Proxy presentation (bsc#1064085)\n\n - CVE-2017-10355: More stable connection processing (bsc#1064083)\n\n - CVE-2017-10356: Update storage implementations (bsc#1064084)\n\n - CVE-2016-10165: Improve CMS header processing (bsc#1064069)\n\n - CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade\n compression library (bsc#1064070)\n\n Bug fixes:\n\n - Fix bsc#1032647, bsc#1052009 with btrfs subvolumes and overlayfs\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\");\n\n script_tag(name:\"affected\", value:\"java-1_8_0-openjdk on openSUSE Leap 42.3, openSUSE Leap 42.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:2998-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSELeap42\\.2|openSUSELeap42\\.3)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk\", rpm:\"java-1_8_0-openjdk~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-accessibility\", rpm:\"java-1_8_0-openjdk-accessibility~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-debuginfo\", rpm:\"java-1_8_0-openjdk-debuginfo~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-debugsource\", rpm:\"java-1_8_0-openjdk-debugsource~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-demo\", rpm:\"java-1_8_0-openjdk-demo~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-demo-debuginfo\", rpm:\"java-1_8_0-openjdk-demo-debuginfo~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-devel\", rpm:\"java-1_8_0-openjdk-devel~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-devel-debuginfo\", rpm:\"java-1_8_0-openjdk-devel-debuginfo~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-headless\", rpm:\"java-1_8_0-openjdk-headless~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-headless-debuginfo\", rpm:\"java-1_8_0-openjdk-headless-debuginfo~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-src\", rpm:\"java-1_8_0-openjdk-src~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-javadoc\", rpm:\"java-1_8_0-openjdk-javadoc~1.8.0.151~10.18.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk\", rpm:\"java-1_8_0-openjdk~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-accessibility\", rpm:\"java-1_8_0-openjdk-accessibility~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-debuginfo\", rpm:\"java-1_8_0-openjdk-debuginfo~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-debugsource\", rpm:\"java-1_8_0-openjdk-debugsource~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-demo\", rpm:\"java-1_8_0-openjdk-demo~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-demo-debuginfo\", rpm:\"java-1_8_0-openjdk-demo-debuginfo~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-devel\", rpm:\"java-1_8_0-openjdk-devel~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-devel-debuginfo\", rpm:\"java-1_8_0-openjdk-devel-debuginfo~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-headless\", rpm:\"java-1_8_0-openjdk-headless~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-headless-debuginfo\", rpm:\"java-1_8_0-openjdk-headless-debuginfo~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-src\", rpm:\"java-1_8_0-openjdk-src~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-javadoc\", rpm:\"java-1_8_0-openjdk-javadoc~1.8.0.151~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T01:06:52", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10165"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3774-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJanuary 29, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : lcms2\nCVE ID : CVE-2016-10165\nDebian Bug : 852627\n\nIbrahim M. El-Sayed discovered an out-of-bounds heap read vulnerability\nin the function Type_MLU_Read in lcms2, the Little CMS 2 color\nmanagement library, which can be triggered by an image with a specially\ncrafted ICC profile and leading to a heap memory leak or\ndenial-of-service for applications using the lcms2 library.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.6-3+deb8u1.\n\nFor the testing distribution (stretch) and the unstable distribution\n(sid), this problem has been fixed in version 2.8-4.\n\nWe recommend that you upgrade your lcms2 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 12, "modified": "2017-01-29T10:47:33", "published": "2017-01-29T10:47:33", "id": "DEBIAN:DSA-3774-1:C8935", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2017/msg00025.html", "title": "[SECURITY] [DSA 3774-1] lcms2 security update", "type": "debian", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-30T02:21:26", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10165"], "description": "Package : lcms2\nVersion : 2.2+git20110628-2.2+deb7u2\nCVE ID : CVE-2016-10165\nDebian Bug : https://bugs.debian.org/852627\n\nAn out of bounds read was found in lcms2, which can lead to heap memory\nleak or denial of service via a specially-crafted ICC profile.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n2.2+git20110628-2.2+deb7u2.\n\nWe recommend that you upgrade your lcms2 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2017-01-26T18:43:55", "published": "2017-01-26T18:43:55", "id": "DEBIAN:DLA-803-1:F1E73", "href": "https://lists.debian.org/debian-lts-announce/2017/debian-lts-announce-201701/msg00038.html", "title": "[SECURITY] [DLA 803-1] lcms2 security update", "type": "debian", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-08-12T01:10:00", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2017-10345"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4015-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nNovember 02, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openjdk-8\nCVE ID : CVE-2017-10274 CVE-2017-10281 CVE-2017-10285\n CVE-2017-10295 CVE-2017-10345 CVE-2017-10346\n\t\t CVE-2017-10347 CVE-2017-10348 CVE-2017-10349\n\t\t CVE-2017-10350 CVE-2017-10355 CVE-2017-10356\n CVE-2017-10357 CVE-2017-10388\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in impersonation\nof Kerberos services, denial of service, sandbox bypass or HTTP header\ninjection.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 8u151-b12-1~deb9u1.\n\nWe recommend that you upgrade your openjdk-8 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 11, "modified": "2017-11-02T21:44:21", "published": "2017-11-02T21:44:21", "id": "DEBIAN:DSA-4015-1:4398C", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2017/msg00277.html", "title": "[SECURITY] [DSA 4015-1] openjdk-8 security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:22:52", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2017-10345"], "description": "Package : openjdk-7\nVersion : 7u151-2.6.11-2~deb7u2\nCVE ID : CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295\n CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348\n CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356\n CVE-2017-10357 CVE-2017-10388\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in impersonation\nof Kerberos services, denial of service, unauthorized access, sandbox\nbypass or HTTP header injection.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n7u151-2.6.11-2~deb7u2.\n\nWe recommend that you upgrade your openjdk-7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2017-11-23T17:32:02", "published": "2017-11-23T17:32:02", "id": "DEBIAN:DLA-1187-1:57EAE", "href": "https://lists.debian.org/debian-lts-announce/2017/debian-lts-announce-201711/msg00033.html", "title": "[SECURITY] [DLA 1187-1] openjdk-7 security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T00:51:14", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2017-10345"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4048-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nNovember 23, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openjdk-7\nCVE ID : CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295 \n CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 \n CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 \n CVE-2017-10357 CVE-2017-10388\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in impersonation\nof Kerberos services, denial of service, sandbox bypass or HTTP header\ninjection.\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 7u151-2.6.11-2~deb8u1.\n\nWe recommend that you upgrade your openjdk-7 packages.\n\nFor the detailed security status of openjdk-7 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/openjdk-7\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 10, "modified": "2017-11-23T22:11:38", "published": "2017-11-23T22:11:38", "id": "DEBIAN:DSA-4048-1:C97BF", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2017/msg00311.html", "title": "[SECURITY] [DSA 4048-1] openjdk-7 security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-07T09:01:30", "description": "According to the version of the lcms2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - The Type_MLU_Read function in cmstypes.c in Little CMS\n (aka lcms2) allows remote attackers to obtain sensitive\n information or cause a denial of service via an image\n with a crafted ICC profile, which triggers an\n out-of-bounds heap read.(CVE-2016-10165)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 10, "cvss3": {"score": 7.1, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}, "published": "2019-12-18T00:00:00", "title": "EulerOS 2.0 SP3 : lcms2 (EulerOS-SA-2019-2601)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:lcms2", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2601.NASL", "href": "https://www.tenable.com/plugins/nessus/132136", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132136);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10165\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : lcms2 (EulerOS-SA-2019-2601)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the lcms2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - The Type_MLU_Read function in cmstypes.c in Little CMS\n (aka lcms2) allows remote attackers to obtain sensitive\n information or cause a denial of service via an image\n with a crafted ICC profile, which triggers an\n out-of-bounds heap read.(CVE-2016-10165)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2601\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1ec8f912\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected lcms2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"lcms2-2.6-3.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-07T08:59:52", "description": "According to the version of the lcms2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - The Type_MLU_Read function in cmstypes.c in Little CMS\n (aka lcms2) allows remote attackers to obtain sensitive\n information or cause a denial of service via an image\n with a crafted ICC profile, which triggers an\n out-of-bounds heap read.(CVE-2016-10165)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 10, "cvss3": {"score": 7.1, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}, "published": "2019-11-12T00:00:00", "title": "EulerOS 2.0 SP5 : lcms2 (EulerOS-SA-2019-2163)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "modified": "2019-11-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:lcms2", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2163.NASL", "href": "https://www.tenable.com/plugins/nessus/130872", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130872);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10165\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : lcms2 (EulerOS-SA-2019-2163)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the lcms2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - The Type_MLU_Read function in cmstypes.c in Little CMS\n (aka lcms2) allows remote attackers to obtain sensitive\n information or cause a denial of service via an image\n with a crafted ICC profile, which triggers an\n out-of-bounds heap read.(CVE-2016-10165)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2163\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f6cf8dc1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected lcms2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"lcms2-2.6-3.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-12T09:50:04", "description": "Ibrahim M. El-Sayed discovered an out-of-bounds heap read\nvulnerability in the function Type_MLU_Read in lcms2, the Little CMS 2\ncolor management library, which can be triggered by an image with a\nspecially crafted ICC profile and leading to a heap memory leak or\ndenial-of-service for applications using the lcms2 library.", "edition": 25, "cvss3": {"score": 7.1, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}, "published": "2017-01-30T00:00:00", "title": "Debian DSA-3774-1 : lcms2 - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "modified": "2017-01-30T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:lcms2"], "id": "DEBIAN_DSA-3774.NASL", "href": "https://www.tenable.com/plugins/nessus/96843", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3774. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96843);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-10165\");\n script_xref(name:\"DSA\", value:\"3774\");\n\n script_name(english:\"Debian DSA-3774-1 : lcms2 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ibrahim M. El-Sayed discovered an out-of-bounds heap read\nvulnerability in the function Type_MLU_Read in lcms2, the Little CMS 2\ncolor management library, which can be triggered by an image with a\nspecially crafted ICC profile and leading to a heap memory leak or\ndenial-of-service for applications using the lcms2 library.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/lcms2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-3774\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the lcms2 packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.6-3+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"liblcms2-2\", reference:\"2.6-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"liblcms2-dbg\", reference:\"2.6-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"liblcms2-dev\", reference:\"2.6-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"liblcms2-utils\", reference:\"2.6-3+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-07T09:03:02", "description": "According to the version of the lcms2 package installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerability :\n\n - The Type_MLU_Read function in cmstypes.c in Little CMS\n (aka lcms2) allows remote attackers to obtain sensitive\n information or cause a denial of service via an image\n with a crafted ICC profile, which triggers an\n out-of-bounds heap read.(CVE-2016-10165)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 4, "cvss3": {"score": 7.1, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}, "published": "2020-03-13T00:00:00", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : lcms2 (EulerOS-SA-2020-1211)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "modified": "2020-03-13T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:3.0.2.0", "p-cpe:/a:huawei:euleros:lcms2"], "id": "EULEROS_SA-2020-1211.NASL", "href": "https://www.tenable.com/plugins/nessus/134500", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134500);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10165\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : lcms2 (EulerOS-SA-2020-1211)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the lcms2 package installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerability :\n\n - The Type_MLU_Read function in cmstypes.c in Little CMS\n (aka lcms2) allows remote attackers to obtain sensitive\n information or cause a denial of service via an image\n with a crafted ICC profile, which triggers an\n out-of-bounds heap read.(CVE-2016-10165)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1211\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?783a6e51\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected lcms2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"lcms2-2.6-3.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-07T09:00:50", "description": "According to the version of the lcms2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - The Type_MLU_Read function in cmstypes.c in Little CMS\n (aka lcms2) allows remote attackers to obtain sensitive\n information or cause a denial of service via an image\n with a crafted ICC profile, which triggers an\n out-of-bounds heap read.(CVE-2016-10165)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 10, "cvss3": {"score": 7.1, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}, "published": "2019-12-10T00:00:00", "title": "EulerOS 2.0 SP2 : lcms2 (EulerOS-SA-2019-2401)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "modified": "2019-12-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:lcms2", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2401.NASL", "href": "https://www.tenable.com/plugins/nessus/131893", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131893);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10165\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : lcms2 (EulerOS-SA-2019-2401)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the lcms2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - The Type_MLU_Read function in cmstypes.c in Little CMS\n (aka lcms2) allows remote attackers to obtain sensitive\n information or cause a denial of service via an image\n with a crafted ICC profile, which triggers an\n out-of-bounds heap read.(CVE-2016-10165)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2401\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?61673fc5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected lcms2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"lcms2-2.6-3.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-12T09:44:15", "description": "An out of bounds read was found in lcms2, which can lead to heap\nmemory leak or denial of service via a specially crafted ICC profile.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n2.2+git20110628-2.2+deb7u2.\n\nWe recommend that you upgrade your lcms2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 20, "cvss3": {"score": 7.1, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}, "published": "2017-01-27T00:00:00", "title": "Debian DLA-803-1 : lcms2 security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "modified": "2017-01-27T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:liblcms2-dev", "p-cpe:/a:debian:debian_linux:liblcms2-utils", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:liblcms2-2"], "id": "DEBIAN_DLA-803.NASL", "href": "https://www.tenable.com/plugins/nessus/96818", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-803-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96818);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-10165\");\n\n script_name(english:\"Debian DLA-803-1 : lcms2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An out of bounds read was found in lcms2, which can lead to heap\nmemory leak or denial of service via a specially crafted ICC profile.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n2.2+git20110628-2.2+deb7u2.\n\nWe recommend that you upgrade your lcms2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/01/msg00038.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/lcms2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblcms2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblcms2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblcms2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"liblcms2-2\", reference:\"2.2+git20110628-2.2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"liblcms2-dev\", reference:\"2.2+git20110628-2.2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"liblcms2-utils\", reference:\"2.2+git20110628-2.2+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-07T09:04:00", "description": "According to the version of the lcms2 package installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerability :\n\n - The Type_MLU_Read function in cmstypes.c in Little CMS\n (aka lcms2) allows remote attackers to obtain sensitive\n information or cause a denial of service via an image\n with a crafted ICC profile, which triggers an\n out-of-bounds heap read.(CVE-2016-10165)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 4, "cvss3": {"score": 7.1, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}, "published": "2020-04-16T00:00:00", "title": "EulerOS Virtualization 3.0.2.2 : lcms2 (EulerOS-SA-2020-1492)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10165"], "modified": "2020-04-16T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:3.0.2.2", "p-cpe:/a:huawei:euleros:lcms2"], "id": "EULEROS_SA-2020-1492.NASL", "href": "https://www.tenable.com/plugins/nessus/135654", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135654);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-10165\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : lcms2 (EulerOS-SA-2020-1492)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the lcms2 package installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerability :\n\n - The Type_MLU_Read function in cmstypes.c in Little CMS\n (aka lcms2) allows remote attackers to obtain sensitive\n information or cause a denial of service via an image\n with a crafted ICC profile, which triggers an\n out-of-bounds heap read.(CVE-2016-10165)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1492\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?633910c3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected lcms2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"lcms2-2.6-3.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-14T06:16:03", "description": "This update for lcms2 fixes the following security issues :\n\nCVE-2016-10165: The Type_MLU_Read function allowed remote attackers to\nobtain sensitive information or cause a denial of service via an image\nwith a crafted ICC profile, which triggered an out-of-bounds heap read\n(bsc#1021364).\n\nCVE-2018-16435: A integer overflow was fixed in the AllocateDataSet\nfunction in cmscgats.c, that could lead to a heap-based buffer\noverflow in the SetData function via a crafted file in the second\nargument to cmsIT8LoadFromFile. (bsc#1108813)\n\nEnsure that LUT stages match channel count (bsc#1026649).\n\nsanitize input and output channels on MPE profiles (bsc#1026650).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "cvss3": {"score": 7.1, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}, "published": "2018-10-30T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : lcms2 (SUSE-SU-2018:3545-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435", "CVE-2016-10165"], "modified": "2018-10-30T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:liblcms2-2", "p-cpe:/a:novell:suse_linux:lcms2", "p-cpe:/a:novell:suse_linux:lcms2-debuginfo", "p-cpe:/a:novell:suse_linux:lcms2-debugsource", "p-cpe:/a:novell:suse_linux:liblcms2-2-debuginfo", "p-cpe:/a:novell:suse_linux:liblcms2"], "id": "SUSE_SU-2018-3545-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118500", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3545-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118500);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2016-10165\", \"CVE-2018-16435\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : lcms2 (SUSE-SU-2018:3545-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for lcms2 fixes the following security issues :\n\nCVE-2016-10165: The Type_MLU_Read function allowed remote attackers to\nobtain sensitive information or cause a denial of service via an image\nwith a crafted ICC profile, which triggered an out-of-bounds heap read\n(bsc#1021364).\n\nCVE-2018-16435: A integer overflow was fixed in the AllocateDataSet\nfunction in cmscgats.c, that could lead to a heap-based buffer\noverflow in the SetData function via a crafted file in the second\nargument to cmsIT8LoadFromFile. (bsc#1108813)\n\nEnsure that LUT stages match channel count (bsc#1026649).\n\nsanitize input and output channels on MPE profiles (bsc#1026650).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1021364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1026649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1026650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10165/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16435/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183545-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a5ab5393\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-2512=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-2512=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-2512=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lcms2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lcms2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"lcms2-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"lcms2-debuginfo-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"lcms2-debugsource-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"liblcms2-2-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"liblcms2-2-32bit-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"liblcms2-2-debuginfo-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"liblcms2-2-debuginfo-32bit-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"lcms2-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"lcms2-debuginfo-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"lcms2-debugsource-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"liblcms2-2-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"liblcms2-2-32bit-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"liblcms2-2-debuginfo-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"liblcms2-2-debuginfo-32bit-2.7-9.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-09-18T10:56:50", "description": "Ibrahim El-Sayed discovered that Little CMS incorrectly handled\ncertain files. An attacker could possibly use this issue to cause a\ndenial of service. (CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain\nfiles. An attacker could possibly use this issue to execute arbitrary\ncode. (CVE-2018-16435).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "cvss3": {"score": 7.1, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}, "published": "2018-09-21T00:00:00", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Little CMS vulnerabilities (USN-3770-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435", "CVE-2016-10165"], "modified": "2018-09-21T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:liblcms2-utils", "p-cpe:/a:canonical:ubuntu_linux:liblcms2-2", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3770-1.NASL", "href": "https://www.tenable.com/plugins/nessus/117631", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3770-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117631);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2016-10165\", \"CVE-2018-16435\");\n script_xref(name:\"USN\", value:\"3770-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Little CMS vulnerabilities (USN-3770-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ibrahim El-Sayed discovered that Little CMS incorrectly handled\ncertain files. An attacker could possibly use this issue to cause a\ndenial of service. (CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain\nfiles. An attacker could possibly use this issue to execute arbitrary\ncode. (CVE-2018-16435).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3770-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected liblcms2-2 and / or liblcms2-utils packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblcms2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:liblcms2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liblcms2-2\", pkgver:\"2.5-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"liblcms2-utils\", pkgver:\"2.5-0ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"liblcms2-2\", pkgver:\"2.6-3ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"liblcms2-utils\", pkgver:\"2.6-3ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"liblcms2-2\", pkgver:\"2.9-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"liblcms2-utils\", pkgver:\"2.9-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"liblcms2-2 / liblcms2-utils\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-01-01T05:09:02", "description": "An update for java-1.7.1-ibm is now available for Red Hat Enterprise\nLinux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nIBM Java SE version 7 Release 1 includes the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP15.\n\nSecurity Fix(es) :\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit. Further\ninformation about these flaws can be found on the IBM Java Security\nVulnerabilities page listed in the References section.\n(CVE-2016-10165, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295,\nCVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348,\nCVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356,\nCVE-2017-10357, CVE-2017-10388)", "edition": 27, "cvss3": {"score": 9.6, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}, "published": "2017-11-29T00:00:00", "title": "RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2017:3268)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10346", "CVE-2017-10295", "CVE-2016-10165", "CVE-2017-10345"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-jdbc", "p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-plugin", "p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-devel", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-demo", "p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-src"], "id": "REDHAT-RHSA-2017-3268.NASL", "href": "https://www.tenable.com/plugins/nessus/104840", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:3268. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104840);\n script_version(\"3.10\");\n script_cvs_date(\"Date: 2019/10/24 15:35:44\");\n\n script_cve_id(\"CVE-2016-10165\", \"CVE-2017-10281\", \"CVE-2017-10285\", \"CVE-2017-10295\", \"CVE-2017-10345\", \"CVE-2017-10346\", \"CVE-2017-10347\", \"CVE-2017-10348\", \"CVE-2017-10349\", \"CVE-2017-10350\", \"CVE-2017-10355\", \"CVE-2017-10356\", \"CVE-2017-10357\", \"CVE-2017-10388\");\n script_xref(name:\"RHSA\", value:\"2017:3268\");\n\n script_name(english:\"RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2017:3268)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for java-1.7.1-ibm is now available for Red Hat Enterprise\nLinux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nIBM Java SE version 7 Release 1 includes the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP15.\n\nSecurity Fix(es) :\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit. Further\ninformation about these flaws can be found on the IBM Java Security\nVulnerabilities page listed in the References section.\n(CVE-2016-10165, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295,\nCVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348,\nCVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356,\nCVE-2017-10357, CVE-2017-10388)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://developer.ibm.com/javasdk/support/security-vulnerabilities/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:3268\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-10165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10345\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10350\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10355\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10388\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:3268\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.1-ibm-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"java-1.7.1-ibm-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.1-ibm-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.1-ibm-demo-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"java-1.7.1-ibm-demo-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.1-ibm-demo-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.1-ibm-devel-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"java-1.7.1-ibm-devel-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.1-ibm-devel-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.1-ibm-jdbc-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"java-1.7.1-ibm-jdbc-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.1-ibm-jdbc-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.1-ibm-plugin-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.1-ibm-plugin-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.1-ibm-src-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"java-1.7.1-ibm-src-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.1-ibm-src-1.7.1.4.15-1jpp.3.el6_9\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", reference:\"java-1.7.1-ibm-1.7.1.4.15-1jpp.2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.1-ibm-demo-1.7.1.4.15-1jpp.2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.1-ibm-demo-1.7.1.4.15-1jpp.2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"java-1.7.1-ibm-devel-1.7.1.4.15-1jpp.2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.1-ibm-jdbc-1.7.1.4.15-1jpp.2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.1-ibm-jdbc-1.7.1.4.15-1jpp.2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.1-ibm-plugin-1.7.1.4.15-1jpp.2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.1-ibm-src-1.7.1.4.15-1jpp.2.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.1-ibm-src-1.7.1.4.15-1jpp.2.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.7.1-ibm / java-1.7.1-ibm-demo / java-1.7.1-ibm-devel / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:54", "bulletinFamily": "software", "cvelist": ["CVE-2018-16435", "CVE-2016-10165"], "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n * Canonical Ubuntu 18.04\n\n# Description\n\nIbrahim El-Sayed discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-16435)\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.238.0\n * All versions of Cloud Foundry cflinuxfs3 prior to 0.25.0\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.238.0 or later.\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.25.0 or later.\n\n# References\n\n * [USN-3770-1](<https://usn.ubuntu.com/3770-1>)\n * [CVE-2016-10165](<https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10165>)\n * [CVE-2018-16435](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-16435>)\n", "edition": 2, "modified": "2018-09-25T00:00:00", "published": "2018-09-25T00:00:00", "id": "CFOUNDRY:AFE5A77EBE4E39A2F02201C20DDD401B", "href": "https://www.cloudfoundry.org/blog/usn-3770-1/", "title": "USN-3770-1: Little CMS vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:40:53", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16435", "CVE-2016-10165"], "description": "Ibrahim El-Sayed discovered that Little CMS incorrectly handled certain files. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain files. \nAn attacker could possibly use this issue to execute arbitrary code. \n(CVE-2018-16435)", "edition": 3, "modified": "2018-09-20T00:00:00", "published": "2018-09-20T00:00:00", "id": "USN-3770-1", "href": "https://ubuntu.com/security/notices/USN-3770-1", "title": "Little CMS vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-07-02T11:37:47", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4276", "CVE-2018-16435", "CVE-2016-10165"], "description": "USN-3770-1 fixed a vulnerability in Little CMS. This update provides \nthe corresponding update for Ubuntu 12.04 ESM.\n\nOriginal advisory details:\n\nPedro Ribeiro discoreved that Little CMS incorrectly handled certain files. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2013-4276)\n\nIbrahim El-Sayed discovered that Little CMS incorrectly handled certain files. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain files. \nAn attacker could possibly use this issue to execute arbitrary code. \n(CVE-2018-16435)", "edition": 4, "modified": "2018-09-20T00:00:00", "published": "2018-09-20T00:00:00", "id": "USN-3770-2", "href": "https://ubuntu.com/security/notices/USN-3770-2", "title": "Little CMS vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-07-02T11:36:08", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2017-10345"], "description": "It was discovered that the Smart Card IO subsystem in OpenJDK did not \nproperly maintain state. An attacker could use this to specially construct \nan untrusted Java application or applet to gain access to a smart card, \nbypassing sandbox restrictions. (CVE-2017-10274)\n\nGaston Traberg discovered that the Serialization component of OpenJDK did \nnot properly limit the amount of memory allocated when performing \ndeserializations. An attacker could use this to cause a denial of service \n(memory exhaustion). (CVE-2017-10281)\n\nIt was discovered that the Remote Method Invocation (RMI) component in \nOpenJDK did not properly handle unreferenced objects. An attacker could use \nthis to specially construct an untrusted Java application or applet that \ncould escape sandbox restrictions. (CVE-2017-10285)\n\nIt was discovered that the HTTPUrlConnection classes in OpenJDK did not \nproperly handle newlines. An attacker could use this to convince a Java \napplication or applet to inject headers into http requests. \n(CVE-2017-10295)\n\nFrancesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi \ndiscovered that the Serialization component of OpenJDK did not properly \nrestrict the amount of memory allocated when deserializing objects from \nJava Cryptography Extension KeyStore (JCEKS). An attacker could use this to \ncause a denial of service (memory exhaustion). (CVE-2017-10345)\n\nIt was discovered that the Hotspot component of OpenJDK did not properly \nperform loader checks when handling the invokespecial JVM instruction. An \nattacker could use this to specially construct an untrusted Java \napplication or applet that could escape sandbox restrictions. \n(CVE-2017-10346)\n\nGaston Traberg discovered that the Serialization component of OpenJDK did \nnot properly limit the amount of memory allocated when performing \ndeserializations in the SimpleTimeZone class. An attacker could use this to \ncause a denial of service (memory exhaustion). (CVE-2017-10347)\n\nIt was discovered that the Serialization component of OpenJDK did not \nproperly limit the amount of memory allocated when performing \ndeserializations. An attacker could use this to cause a denial of service \n(memory exhaustion). (CVE-2017-10348, CVE-2017-10357)\n\nIt was discovered that the JAXP component in OpenJDK did not properly limit \nthe amount of memory allocated when performing deserializations. An \nattacker could use this to cause a denial of service (memory exhaustion). \n(CVE-2017-10349)\n\nIt was discovered that the JAX-WS component in OpenJDK did not properly \nlimit the amount of memory allocated when performing deserializations. An \nattacker could use this to cause a denial of service (memory exhaustion). \n(CVE-2017-10350)\n\nIt was discovered that the Networking component of OpenJDK did not properly \nset timeouts on FTP client actions. A remote attacker could use this to \ncause a denial of service (application hang). (CVE-2017-10355)\n\nFrancesco Palmarini, Marco Squarcina, Mauro Tempesta, Riccardo Focardi, and \nTobias Ospelt discovered that the Security component in OpenJDK did not \nsufficiently protect password-based encryption keys in key stores. An \nattacker could use this to expose sensitive information. (CVE-2017-10356)\n\nJeffrey Altman discovered that the Kerberos client implementation in \nOpenJDK incorrectly trusted unauthenticated portions of Kerberos tickets. A \nremote attacker could use this to impersonate trusted network services or \nperform other attacks. (CVE-2017-10388)", "edition": 5, "modified": "2017-11-29T00:00:00", "published": "2017-11-29T00:00:00", "id": "USN-3497-1", "href": "https://ubuntu.com/security/notices/USN-3497-1", "title": "OpenJDK 7 vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-02T11:41:01", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2017-10345"], "description": "It was discovered that the Smart Card IO subsystem in OpenJDK did not \nproperly maintain state. An attacker could use this to specially construct \nan untrusted Java application or applet to gain access to a smart card, \nbypassing sandbox restrictions. (CVE-2017-10274)\n\nGaston Traberg discovered that the Serialization component of OpenJDK did \nnot properly limit the amount of memory allocated when performing \ndeserializations. An attacker could use this to cause a denial of service \n(memory exhaustion). (CVE-2017-10281)\n\nIt was discovered that the Remote Method Invocation (RMI) component in \nOpenJDK did not properly handle unreferenced objects. An attacker could use \nthis to specially construct an untrusted Java application or applet that \ncould escape sandbox restrictions. (CVE-2017-10285)\n\nIt was discovered that the HTTPUrlConnection classes in OpenJDK did not \nproperly handle newlines. An attacker could use this to convince a Java \napplication or applet to inject headers into http requests. \n(CVE-2017-10295)\n\nFrancesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi \ndiscovered that the Serialization component of OpenJDK did not properly \nrestrict the amount of memory allocated when deserializing objects from \nJava Cryptography Extension KeyStore (JCEKS). An attacker could use this to \ncause a denial of service (memory exhaustion). (CVE-2017-10345)\n\nIt was discovered that the Hotspot component of OpenJDK did not properly \nperform loader checks when handling the invokespecial JVM instruction. An \nattacker could use this to specially construct an untrusted Java \napplication or applet that could escape sandbox restrictions. \n(CVE-2017-10346)\n\nGaston Traberg discovered that the Serialization component of OpenJDK did \nnot properly limit the amount of memory allocated when performing \ndeserializations in the SimpleTimeZone class. An attacker could use this to \ncause a denial of service (memory exhaustion). (CVE-2017-10347)\n\nIt was discovered that the Serialization component of OpenJDK did not \nproperly limit the amount of memory allocated when performing \ndeserializations. An attacker could use this to cause a denial of service \n(memory exhaustion). (CVE-2017-10348, CVE-2017-10357)\n\nIt was discovered that the JAXP component in OpenJDK did not properly limit \nthe amount of memory allocated when performing deserializations. An \nattacker could use this to cause a denial of service (memory exhaustion). \n(CVE-2017-10349)\n\nIt was discovered that the JAX-WS component in OpenJDK did not properly \nlimit the amount of memory allocated when performing deserializations. An \nattacker could use this to cause a denial of service (memory exhaustion). \n(CVE-2017-10350)\n\nIt was discovered that the Networking component of OpenJDK did not properly \nset timeouts on FTP client actions. A remote attacker could use this to \ncause a denial of service (application hang). (CVE-2017-10355)\n\nFrancesco Palmarini, Marco Squarcina, Mauro Tempesta, Riccardo Focardi, and \nTobias Ospelt discovered that the Security component in OpenJDK did not \nsufficiently protect password-based encryption keys in key stores. An \nattacker could use this to expose sensitive information. (CVE-2017-10356)\n\nJeffrey Altman discovered that the Kerberos client implementation in \nOpenJDK incorrectly trusted unauthenticated portions of Kerberos tickets. A \nremote attacker could use this to impersonate trusted network services or \nperform other attacks. (CVE-2017-10388)", "edition": 5, "modified": "2017-11-08T00:00:00", "published": "2017-11-08T00:00:00", "id": "USN-3473-1", "href": "https://ubuntu.com/security/notices/USN-3473-1", "title": "OpenJDK 8 vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:29", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10165", "CVE-2017-10281", "CVE-2017-10285", "CVE-2017-10295", "CVE-2017-10345", "CVE-2017-10346", "CVE-2017-10347", "CVE-2017-10348", "CVE-2017-10349", "CVE-2017-10350", "CVE-2017-10355", "CVE-2017-10356", "CVE-2017-10357", "CVE-2017-10388"], "description": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP15.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2016-10165, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)", "modified": "2018-06-07T18:21:40", "published": "2017-11-29T01:28:12", "id": "RHSA-2017:3268", "href": "https://access.redhat.com/errata/RHSA-2017:3268", "type": "redhat", "title": "(RHSA-2017:3268) Critical: java-1.7.1-ibm security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:51", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10165", "CVE-2017-10281", "CVE-2017-10285", "CVE-2017-10295", "CVE-2017-10309", "CVE-2017-10345", "CVE-2017-10346", "CVE-2017-10347", "CVE-2017-10348", "CVE-2017-10349", "CVE-2017-10350", "CVE-2017-10355", "CVE-2017-10356", "CVE-2017-10357", "CVE-2017-10388"], "description": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR5-FP5.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2016-10165, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)", "modified": "2018-05-05T00:27:29", "published": "2017-11-27T22:52:25", "id": "RHSA-2017:3264", "href": "https://access.redhat.com/errata/RHSA-2017:3264", "type": "redhat", "title": "(RHSA-2017:3264) Critical: java-1.8.0-ibm security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:02", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10165", "CVE-2017-10281", "CVE-2017-10285", "CVE-2017-10295", "CVE-2017-10309", "CVE-2017-10345", "CVE-2017-10346", "CVE-2017-10347", "CVE-2017-10348", "CVE-2017-10349", "CVE-2017-10350", "CVE-2017-10355", "CVE-2017-10356", "CVE-2017-10357", "CVE-2017-10388"], "description": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR5-FP5.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2016-10165, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)", "modified": "2018-06-07T18:21:46", "published": "2017-11-29T01:27:53", "id": "RHSA-2017:3267", "href": "https://access.redhat.com/errata/RHSA-2017:3267", "type": "redhat", "title": "(RHSA-2017:3267) Critical: java-1.8.0-ibm security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:23", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10165", "CVE-2016-5542", "CVE-2016-5554", "CVE-2016-5573", "CVE-2016-5582", "CVE-2016-5597"], "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. (CVE-2016-5582)\n\n* It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP requests to the JDWP port of the debugged application. (CVE-2016-5573)\n\n* It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2016-5542)\n\nNote: After this update, MD2 hash algorithm and RSA keys with less than 1024 bits are no longer allowed to be used for Jar integrity verification by default. MD5 hash algorithm is expected to be disabled by default in the future updates. A newly introduced security property jdk.jar.disabledAlgorithms can be used to control the set of disabled algorithms.\n\n* A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554)\n\n* A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication. (CVE-2016-5597)\n\nNote: After this update, Basic HTTP proxy authentication can no longer be used when tunneling HTTPS connection through an HTTP proxy. Newly introduced system properties jdk.http.auth.proxying.disabledSchemes and jdk.http.auth.tunneling.disabledSchemes can be used to control which authentication schemes can be requested by an HTTP proxy when proxying HTTP and HTTPS connections respectively.\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.", "modified": "2018-06-06T20:24:20", "published": "2016-10-19T11:58:43", "id": "RHSA-2016:2079", "href": "https://access.redhat.com/errata/RHSA-2016:2079", "type": "redhat", "title": "(RHSA-2016:2079) Critical: java-1.8.0-openjdk security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:32:23", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10165", "CVE-2016-5542", "CVE-2016-5554", "CVE-2016-5573", "CVE-2016-5582", "CVE-2016-5597"], "description": "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment\nand the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* It was discovered that the Hotspot component of OpenJDK did not properly check\narguments of the System.arraycopy() function in certain cases. An untrusted Java\napplication or applet could use this flaw to corrupt virtual machine's memory\nand completely bypass Java sandbox restrictions. (CVE-2016-5582)\n\n* It was discovered that the Hotspot component of OpenJDK did not properly check\nreceived Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use\nthis flaw to send debugging commands to a Java program running with debugging\nenabled if they could make victim's browser send HTTP requests to the JDWP port\nof the debugged application. (CVE-2016-5573)\n\n* It was discovered that the Libraries component of OpenJDK did not restrict the\nset of algorithms used for Jar integrity verification. This flaw could allow an\nattacker to modify content of the Jar file that used weak signing key or hash\nalgorithm. (CVE-2016-5542)\n\nNote: After this update, MD2 hash algorithm and RSA keys with less than 1024\nbits are no longer allowed to be used for Jar integrity verification by default.\nMD5 hash algorithm is expected to be disabled by default in the future updates.\nA newly introduced security property jdk.jar.disabledAlgorithms can be used to\ncontrol the set of disabled algorithms.\n\n* A flaw was found in the way the JMX component of OpenJDK handled classloaders.\nAn untrusted Java application or applet could use this flaw to bypass certain\nJava sandbox restrictions. (CVE-2016-5554)\n\n* A flaw was found in the way the Networking component of OpenJDK handled HTTP\nproxy authentication. A Java application could possibly expose HTTPS server\nauthentication credentials via a plain text network connection to an HTTP proxy\nif proxy asked for authentication. (CVE-2016-5597)\n\nNote: After this update, Basic HTTP proxy authentication can no longer be used\nwhen tunneling HTTPS connection through an HTTP proxy. Newly introduced system\nproperties jdk.http.auth.proxying.disabledSchemes and\njdk.http.auth.tunneling.disabledSchemes can be used to control which\nauthentication schemes can be requested by an HTTP proxy when proxying HTTP and\nHTTPS connections respectively.\n", "modified": "2018-06-06T20:24:16", "published": "2016-11-07T05:00:00", "id": "RHSA-2016:2658", "href": "https://access.redhat.com/errata/RHSA-2016:2658", "type": "redhat", "title": "(RHSA-2016:2658) Important: java-1.7.0-openjdk security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:46", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10165", "CVE-2016-9840", "CVE-2016-9841", "CVE-2016-9842", "CVE-2016-9843", "CVE-2017-10274", "CVE-2017-10281", "CVE-2017-10285", "CVE-2017-10293", "CVE-2017-10295", "CVE-2017-10309", "CVE-2017-10345", "CVE-2017-10346", "CVE-2017-10347", "CVE-2017-10348", "CVE-2017-10349", "CVE-2017-10350", "CVE-2017-10355", "CVE-2017-10356", "CVE-2017-10357", "CVE-2017-10388"], "description": "Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 8 to version 8 Update 151.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)", "modified": "2018-06-07T18:20:34", "published": "2017-10-23T11:33:24", "id": "RHSA-2017:2999", "href": "https://access.redhat.com/errata/RHSA-2017:2999", "type": "redhat", "title": "(RHSA-2017:2999) Critical: java-1.8.0-oracle security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:31", "bulletinFamily": "unix", "cvelist": ["CVE-2016-10165", "CVE-2016-9840", "CVE-2016-9841", "CVE-2016-9842", "CVE-2016-9843", "CVE-2017-10274", "CVE-2017-10281", "CVE-2017-10285", "CVE-2017-10293", "CVE-2017-10295", "CVE-2017-10345", "CVE-2017-10346", "CVE-2017-10347", "CVE-2017-10348", "CVE-2017-10349", "CVE-2017-10350", "CVE-2017-10355", "CVE-2017-10356", "CVE-2017-10357", "CVE-2017-10388"], "description": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 7 to version 7 Update 161.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388)\n\nNote: Starting with this update, Java web browser plugin and Java Web Start application are no longer included with Oracle Java SE 7. Refer to the Releases Notes and the Oracle Java SE Support Roadmap pages linked to in the References section for further information about this change.", "modified": "2018-06-07T18:20:35", "published": "2017-10-24T15:56:24", "id": "RHSA-2017:3046", "href": "https://access.redhat.com/errata/RHSA-2017:3046", "type": "redhat", "title": "(RHSA-2017:3046) Important: java-1.7.0-oracle security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:26", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10274", "CVE-2017-10281", "CVE-2017-10285", "CVE-2017-10295", "CVE-2017-10345", "CVE-2017-10346", "CVE-2017-10347", "CVE-2017-10348", "CVE-2017-10349", "CVE-2017-10350", "CVE-2017-10355", "CVE-2017-10356", "CVE-2017-10357", "CVE-2017-10388"], "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10285, CVE-2017-10346)\n\n* It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients. (CVE-2017-10388)\n\n* It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store. (CVE-2017-10356)\n\n* A flaw was found in the Smart Card IO component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10274)\n\n* It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server. (CVE-2017-10355)\n\n* It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request. (CVE-2017-10295)\n\n* It was discovered that multiple classes in the JAXP, Serialization, Libraries, and JAX-WS components of OpenJDK did not limit the amount of memory allocated when creating object instances from the serialized form. A specially-crafted input could cause a Java application to use an excessive amount of memory when deserialized. (CVE-2017-10349, CVE-2017-10357, CVE-2017-10347, CVE-2017-10281, CVE-2017-10345, CVE-2017-10348, CVE-2017-10350)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.", "modified": "2018-06-07T18:23:04", "published": "2017-10-20T14:13:17", "id": "RHSA-2017:2998", "href": "https://access.redhat.com/errata/RHSA-2017:2998", "type": "redhat", "title": "(RHSA-2017:2998) Critical: java-1.8.0-openjdk security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-10-30T13:25:37", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5582", "CVE-2016-5542", "CVE-2016-5597", "CVE-2016-5554", "CVE-2016-5573", "CVE-2016-10165"], "description": "**CentOS Errata and Security Advisory** CESA-2016:2658\n\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment\nand the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* It was discovered that the Hotspot component of OpenJDK did not properly check\narguments of the System.arraycopy() function in certain cases. An untrusted Java\napplication or applet could use this flaw to corrupt virtual machine's memory\nand completely bypass Java sandbox restrictions. (CVE-2016-5582)\n\n* It was discovered that the Hotspot component of OpenJDK did not properly check\nreceived Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use\nthis flaw to send debugging commands to a Java program running with debugging\nenabled if they could make victim's browser send HTTP requests to the JDWP port\nof the debugged application. (CVE-2016-5573)\n\n* It was discovered that the Libraries component of OpenJDK did not restrict the\nset of algorithms used for Jar integrity verification. This flaw could allow an\nattacker to modify content of the Jar file that used weak signing key or hash\nalgorithm. (CVE-2016-5542)\n\nNote: After this update, MD2 hash algorithm and RSA keys with less than 1024\nbits are no longer allowed to be used for Jar integrity verification by default.\nMD5 hash algorithm is expected to be disabled by default in the future updates.\nA newly introduced security property jdk.jar.disabledAlgorithms can be used to\ncontrol the set of disabled algorithms.\n\n* A flaw was found in the way the JMX component of OpenJDK handled classloaders.\nAn untrusted Java application or applet could use this flaw to bypass certain\nJava sandbox restrictions. (CVE-2016-5554)\n\n* A flaw was found in the way the Networking component of OpenJDK handled HTTP\nproxy authentication. A Java application could possibly expose HTTPS server\nauthentication credentials via a plain text network connection to an HTTP proxy\nif proxy asked for authentication. (CVE-2016-5597)\n\nNote: After this update, Basic HTTP proxy authentication can no longer be used\nwhen tunneling HTTPS connection through an HTTP proxy. Newly introduced system\nproperties jdk.http.auth.proxying.disabledSchemes and\njdk.http.auth.tunneling.disabledSchemes can be used to control which\nauthentication schemes can be requested by an HTTP proxy when proxying HTTP and\nHTTPS connections respectively.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-November/034178.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-November/034196.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2016-November/003678.html\n\n**Affected packages:**\njava-1.7.0-openjdk\njava-1.7.0-openjdk-accessibility\njava-1.7.0-openjdk-demo\njava-1.7.0-openjdk-devel\njava-1.7.0-openjdk-headless\njava-1.7.0-openjdk-javadoc\njava-1.7.0-openjdk-src\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-2658.html", "edition": 89, "modified": "2016-11-25T16:47:20", "published": "2016-11-12T06:29:49", "id": "CESA-2016:2658", "href": "http://lists.centos.org/pipermail/centos-announce/2016-November/034178.html", "title": "java security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:27:22", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5582", "CVE-2016-5542", "CVE-2016-5597", "CVE-2016-5554", "CVE-2016-5573", "CVE-2016-10165"], "description": "**CentOS Errata and Security Advisory** CESA-2016:2079\n\n\nThe java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. (CVE-2016-5582)\n\n* It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP requests to the JDWP port of the debugged application. (CVE-2016-5573)\n\n* It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2016-5542)\n\nNote: After this update, MD2 hash algorithm and RSA keys with less than 1024 bits are no longer allowed to be used for Jar integrity verification by default. MD5 hash algorithm is expected to be disabled by default in the future updates. A newly introduced security property jdk.jar.disabledAlgorithms can be used to control the set of disabled algorithms.\n\n* A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554)\n\n* A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication. (CVE-2016-5597)\n\nNote: After this update, Basic HTTP proxy authentication can no longer be used when tunneling HTTPS connection through an HTTP proxy. Newly introduced system properties jdk.http.auth.proxying.disabledSchemes and jdk.http.auth.tunneling.disabledSchemes can be used to control which authentication schemes can be requested by an HTTP proxy when proxying HTTP and HTTPS connections respectively.\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-October/034161.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-October/034162.html\n\n**Affected packages:**\njava-1.8.0-openjdk\njava-1.8.0-openjdk-accessibility\njava-1.8.0-openjdk-accessibility-debug\njava-1.8.0-openjdk-debug\njava-1.8.0-openjdk-demo\njava-1.8.0-openjdk-demo-debug\njava-1.8.0-openjdk-devel\njava-1.8.0-openjdk-devel-debug\njava-1.8.0-openjdk-headless\njava-1.8.0-openjdk-headless-debug\njava-1.8.0-openjdk-javadoc\njava-1.8.0-openjdk-javadoc-debug\njava-1.8.0-openjdk-src\njava-1.8.0-openjdk-src-debug\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-2079.html", "edition": 3, "modified": "2016-10-19T18:46:08", "published": "2016-10-19T14:40:38", "href": "http://lists.centos.org/pipermail/centos-announce/2016-October/034161.html", "id": "CESA-2016:2079", "title": "java security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-08T03:33:33", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2017-10345"], "description": "**CentOS Errata and Security Advisory** CESA-2017:2998\n\n\nThe java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10285, CVE-2017-10346)\n\n* It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients. (CVE-2017-10388)\n\n* It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store. (CVE-2017-10356)\n\n* A flaw was found in the Smart Card IO component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10274)\n\n* It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server. (CVE-2017-10355)\n\n* It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request. (CVE-2017-10295)\n\n* It was discovered that multiple classes in the JAXP, Serialization, Libraries, and JAX-WS components of OpenJDK did not limit the amount of memory allocated when creating object instances from the serialized form. A specially-crafted input could cause a Java application to use an excessive amount of memory when deserialized. (CVE-2017-10349, CVE-2017-10357, CVE-2017-10347, CVE-2017-10281, CVE-2017-10345, CVE-2017-10348, CVE-2017-10350)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-October/034609.html\nhttp://lists.centos.org/pipermail/centos-announce/2017-October/034641.html\n\n**Affected packages:**\njava-1.8.0-openjdk\njava-1.8.0-openjdk-accessibility\njava-1.8.0-openjdk-accessibility-debug\njava-1.8.0-openjdk-debug\njava-1.8.0-openjdk-demo\njava-1.8.0-openjdk-demo-debug\njava-1.8.0-openjdk-devel\njava-1.8.0-openjdk-devel-debug\njava-1.8.0-openjdk-headless\njava-1.8.0-openjdk-headless-debug\njava-1.8.0-openjdk-javadoc\njava-1.8.0-openjdk-javadoc-debug\njava-1.8.0-openjdk-javadoc-zip\njava-1.8.0-openjdk-javadoc-zip-debug\njava-1.8.0-openjdk-src\njava-1.8.0-openjdk-src-debug\n\n**Upstream details at:**\n", "edition": 7, "modified": "2017-10-20T22:32:26", "published": "2017-10-20T15:50:18", "href": "http://lists.centos.org/pipermail/centos-announce/2017-October/034609.html", "id": "CESA-2017:2998", "title": "java security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2017-12-27T18:51:28", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10293", "CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10346", "CVE-2017-10295", "CVE-2016-10165", "CVE-2016-9841", "CVE-2017-10345"], "description": "This update for java-1_7_1-ibm fixes the following issues:\n\n * CVE-2017-10349: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10348: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10388: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2016-9841: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10293: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10345: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10350: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10356: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10357: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10347: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10355: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10285: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10281: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10295: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10346: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2016-10165: &quot;Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Serialization). Supported\n versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java\n SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit\n vulnerability allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE Embedded, JRockit.\n Successful attacks require human interaction from a person other than\n the attacker. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS)\n of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be\n exploited through sandboxed Java Web Start applications and sandboxed\n Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications\n or sandboxed Java applets, such as through a web service. CVSS 3.0 Base\n Score 3.1 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n", "edition": 1, "modified": "2017-12-27T15:12:43", "published": "2017-12-27T15:12:43", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-12/msg00094.html", "id": "SUSE-SU-2017:3440-1", "title": "Security update for java-1_7_1-ibm (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-10T14:51:43", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10293", "CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10346", "CVE-2017-10295", "CVE-2016-10165", "CVE-2016-9841", "CVE-2017-10345"], "description": "This update for java-1_7_0-ibm fixes the following issues:\n\n - Security update to version 7.0.10.15 (bsc#1070162):\n * CVE-2017-10346 CVE-2017-10285 CVE-2017-10388 CVE-2017-10356\n CVE-2017-10293 CVE-2016-9841 CVE-2016-10165 CVE-2017-10355\n CVE-2017-10357 CVE-2017-10348 CVE-2017-10349 CVE-2017-10347\n CVE-2017-10350 CVE-2017-10281 CVE-2017-10295 CVE-2017-10345\n\n", "edition": 1, "modified": "2018-01-10T12:10:02", "published": "2018-01-10T12:10:02", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00029.html", "id": "SUSE-SU-2018:0061-1", "title": "Security update for java-1_7_0-ibm (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-30T07:02:47", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10293", "CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10346", "CVE-2017-10295", "CVE-2016-10165", "CVE-2016-9841", "CVE-2017-10345"], "description": "This update for java-1_7_1-ibm fixes the following issues:\n\n - Security update to version 7.1.4.15 [bsc#1070162]\n\n * CVE-2017-10349: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10348: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10388: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2016-9841: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10293: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10345: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10350: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10356: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10357: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10347: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10355: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10285: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10281: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10295: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2017-10346: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n * CVE-2016-10165: &quot;Vulnerability in the Java SE, Java SE Embedded,\n JRockit component of Oracle Java SE (subcomponent: Serialization).\n Supported versions that are affected are Java SE: 6u161, 7u151, 8u144\n and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to\n exploit vulnerability allows unauthenticated attacker with network\n access via multiple protocols to compromise Java SE, Java SE Embedded,\n JRockit. Successful attacks require human interaction from a person\n other than the attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This\n vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component without using\n sandboxed Java Web Start applications or sandboxed Java applets, such\n as through a web service. CVSS 3.0 Base Score 3.1 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).&quot;\n\n", "edition": 1, "modified": "2017-12-30T03:09:07", "published": "2017-12-30T03:09:07", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-12/msg00097.html", "id": "SUSE-SU-2017:3455-1", "title": "Security update for java-1_7_1-ibm (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-22T17:51:06", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10293", "CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10309", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10346", "CVE-2017-10295", "CVE-2016-10165", "CVE-2016-9841", "CVE-2017-10345"], "description": "This update for java-1_8_0-ibm fixes the following issues:\n\n Security issues fixed:\n\n - Security update to version 8.0.5.5 (bsc#1070162)\n * CVE-2017-10346 CVE-2017-10285 CVE-2017-10388 CVE-2017-10309\n CVE-2017-10356 CVE-2017-10293 CVE-2016-9841 CVE-2016-10165\n CVE-2017-10355 CVE-2017-10357 CVE-2017-10348 CVE-2017-10349\n CVE-2017-10347 CVE-2017-10350 CVE-2017-10281 CVE-2017-10295\n CVE-2017-10345\n\n", "edition": 1, "modified": "2017-12-22T15:07:42", "published": "2017-12-22T15:07:42", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-12/msg00085.html", "id": "SUSE-SU-2017:3411-1", "type": "suse", "title": "Security update for java-1_8_0-ibm (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-10T20:33:11", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9840", "CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2016-9842", "CVE-2017-10347", "CVE-2017-10285", "CVE-2016-9843", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2016-10165", "CVE-2016-9841", "CVE-2017-10345"], "description": "This update for java-1_8_0-openjdk fixes the following issues:\n\n - Update to version jdk8u151 (icedtea 3.6.0)\n\n Security issues fixed:\n\n - CVE-2017-10274: Handle smartcard clean up better (bsc#1064071)\n - CVE-2017-10281: Better queuing priorities (bsc#1064072)\n - CVE-2017-10285: Unreferenced references (bsc#1064073)\n - CVE-2017-10295: Better URL connections (bsc#1064075)\n - CVE-2017-10388: Correct Kerberos ticket grants (bsc#1064086)\n - CVE-2017-10346: Better invokespecial checks (bsc#1064078)\n - CVE-2017-10350: Better Base Exceptions (bsc#1064082)\n - CVE-2017-10347: Better timezone processing (bsc#1064079)\n - CVE-2017-10349: Better X processing (bsc#1064081)\n - CVE-2017-10345: Better keystore handling (bsc#1064077)\n - CVE-2017-10348: Better processing of unresolved permissions (bsc#1064080)\n - CVE-2017-10357: Process Proxy presentation (bsc#1064085)\n - CVE-2017-10355: More stable connection processing (bsc#1064083)\n - CVE-2017-10356: Update storage implementations (bsc#1064084)\n - CVE-2016-10165: Improve CMS header processing (bsc#1064069)\n - CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade\n compression library (bsc#1064070)\n\n Bug fixes:\n\n - Fix bsc#1032647, bsc#1052009 with btrfs subvolumes and overlayfs\n\n", "edition": 1, "modified": "2017-11-10T18:18:14", "published": "2017-11-10T18:18:14", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-11/msg00018.html", "id": "SUSE-SU-2017:2989-1", "title": "Security update for java-1_8_0-openjdk (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-12T20:33:22", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9840", "CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2016-9842", "CVE-2017-10347", "CVE-2017-10285", "CVE-2016-9843", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2016-10165", "CVE-2016-9841", "CVE-2017-10345"], "description": "This update for java-1_8_0-openjdk fixes the following issues:\n\n - Update to version jdk8u151 (icedtea 3.6.0)\n\n Security issues fixed:\n\n - CVE-2017-10274: Handle smartcard clean up better (bsc#1064071)\n - CVE-2017-10281: Better queuing priorities (bsc#1064072)\n - CVE-2017-10285: Unreferenced references (bsc#1064073)\n - CVE-2017-10295: Better URL connections (bsc#1064075)\n - CVE-2017-10388: Correct Kerberos ticket grants (bsc#1064086)\n - CVE-2017-10346: Better invokespecial checks (bsc#1064078)\n - CVE-2017-10350: Better Base Exceptions (bsc#1064082)\n - CVE-2017-10347: Better timezone processing (bsc#1064079)\n - CVE-2017-10349: Better X processing (bsc#1064081)\n - CVE-2017-10345: Better keystore handling (bsc#1064077)\n - CVE-2017-10348: Better processing of unresolved permissions (bsc#1064080)\n - CVE-2017-10357: Process Proxy presentation (bsc#1064085)\n - CVE-2017-10355: More stable connection processing (bsc#1064083)\n - CVE-2017-10356: Update storage implementations (bsc#1064084)\n - CVE-2016-10165: Improve CMS header processing (bsc#1064069)\n - CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade\n compression library (bsc#1064070)\n\n Bug fixes:\n\n - Fix bsc#1032647, bsc#1052009 with btrfs subvolumes and overlayfs\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\n\n", "edition": 1, "modified": "2017-11-12T18:09:03", "published": "2017-11-12T18:09:03", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-11/msg00022.html", "id": "OPENSUSE-SU-2017:2998-1", "type": "suse", "title": "Security update for java-1_8_0-openjdk (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-19T14:45:09", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10293", "CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10346", "CVE-2017-10295", "CVE-2016-9841", "CVE-2017-10345"], "description": "This update for java-1_6_0-ibm fixes the following issues:\n\n Security issues fixed:\n\n - Security update to version 6.0.16.50 (bsc#1070162)\n * CVE-2017-10346 CVE-2017-10285 CVE-2017-10388 CVE-2017-10356\n CVE-2017-10293 CVE-2016-9841 CVE-2017-10355 CVE-2017-10357\n CVE-2017-10348 CVE-2017-10349 CVE-2017-10347 CVE-2017-10350\n CVE-2017-10281 CVE-2017-10295 CVE-2017-10345\n\n", "edition": 1, "modified": "2017-12-19T12:10:10", "published": "2017-12-19T12:10:10", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-12/msg00080.html", "id": "SUSE-SU-2017:3369-1", "title": "Security update for java-1_6_0-ibm (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "aix": [{"lastseen": "2019-05-29T19:19:14", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10309", "CVE-2017-10165", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10346", "CVE-2017-10295", "CVE-2016-10165", "CVE-2017-10345"], "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Thu Dec 7 12:20:05 CST 2017\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/java_oct2017_advisory.asc\nhttps://aix.software.ibm.com/aix/efixes/security/java_oct2017_advisory.asc\nftp://aix.software.ibm.com/aix/efixes/security/java_oct2017_advisory.asc\n\nSecurity Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX\n\n\n===============================================================================\n\nSUMMARY:\n\n There are multiple vulnerabilities in IBM SDK Java Technology Edition,\n Versions 6, 7, 7.1, 8 that are used by AIX. These issues were disclosed\n as part of the IBM Java SDK updates in October 2017.\n\n===============================================================================\n\nVULNERABILITY DETAILS:\n\n CVEID: CVE-2017-10345\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded, JRockit Serialization component could allow\n an unauthenticated attacker to cause a denial of service resulting in\n a low availability impact using unknown attack vectors. \n CVSS Base Score: 3.1 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/133774 \n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2017-10295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded, JRockit Networking component could allow an\n unauthenticated attacker to cause no confidentiality impact, low\n integrity impact, and no availability impact.\n CVSS Base Score: 4\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133729\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N)\n\n CVEID: CVE-2017-10281\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded, JRockit Serialization component could allow\n an unauthenticated attacker to cause a denial of service resulting in\n a low availability impact using unknown attack vectors.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133720\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2017-10350\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded JAX-WS component could allow an\n unauthenticated attacker to cause a denial of service resulting in a\n low availability impact using unknown attack vectors.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133779\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2017-10347\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, JRockit Serialization component could allow an unauthenticated\n attacker to cause a denial of service resulting in a low availability\n impact using unknown attack vectors.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133776\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2017-10349\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded JAXP component could allow an unauthenticated\n attacker to cause a denial of service resulting in a low availability\n impact using unknown attack vectors.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133778\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2017-10348\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded Libraries component could allow an\n unauthenticated attacker to cause a denial of service resulting in a\n low availability impact using unknown attack vectors.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133777\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2017-10357\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded Serialization component could allow an\n unauthenticated attacker to cause a denial of service resulting in a\n low availability impact using unknown attack vectors.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133786\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2017-10355\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded, JRockit Networking component could allow an\n unauthenticated attacker to cause a denial of service resulting in a\n low availability impact using unknown attack vectors.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133784\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2017-10356\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded, JRockit Security component could allow an\n unauthenticated attacker to obtain sensitive information resulting in a\n high confidentiality impact using unknown attack vectors.\n CVSS Base Score: 6.2\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133785\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n CVEID: CVE-2017-10309\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10309\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10309\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE Deployment component could allow an unauthenticated attacker to\n cause low confidentiality impact, low integrity impact, and low\n availability impact.\n CVSS Base Score: 7.1\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133738\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\n CVEID: CVE-2017-10388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded Libraries component could allow an\n unauthenticated attacker to take control of the system.\n CVSS Base Score: 7.5\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133813 \n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n CVEID: CVE-2017-10285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded RMI component could allow an unauthenticated\n attacker to take control of the system.\n CVSS Base Score: 9.6\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133723\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\n CVEID: CVE-2017-10346\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the\n Java SE, Java SE Embedded Hotspot component could allow an\n unauthenticated attacker to take control of the system.\n CVSS Base Score: 9.6\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/133775\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\n CVEID: CVE-2016-10165\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10165\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10165\n DESCRIPTION: Little CMS is vulnerable to a denial of service, caused by an\n out-of-bounds read in Type_MLU_Read function in cmstypes.c. By using a\n specially-crafted image, a remote attacker could exploit this\n vulnerability to cause the application to crash or obtain sensitive\n information.\n CVSS Base Score: 6.5\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/127028\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)\n\n\nAFFECTED PRODUCTS AND VERSIONS:\n\n AIX 5.3, 6.1, 7.1, 7.2\n VIOS 2.2.x\n\n The following fileset levels (VRMF) are vulnerable, if the \n respective Java version is installed:\n For Java6: Less than 6.0.0.655 \n For Java7: Less than 7.0.0.615\n For Java7.1: Less than 7.1.0.415\n For Java8: Less than 8.0.0.505\n\n Note: To find out whether the affected Java filesets are installed \n on your systems, refer to the lslpp command found in AIX user's guide.\n\n Example: lslpp -L | grep -i java\n\n\nREMEDIATION:\n\n Note: Recommended remediation is to always install the most recent \n Java package available for the respective Java version.\n\n IBM SDK, Java Technology Edition, Version 6 Service Refresh 16 Fix \n Pack 55 and subsequent releases:\n 32-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=6.0.0.0&platform=AIX+32-bit,+pSeries&function=all\n 64-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=6.0.0.0&platform=AIX+64-bit,+pSeries&function=all\n\n IBM SDK, Java Technology Edition, Version 7 Service Refresh 10 Fix\n Pack 15 and subsequent releases:\n 32-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.0.0.0&platform=AIX+32-bit,+pSeries&function=all \n 64-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.0.0.0&platform=AIX+64-bit,+pSeries&function=all\n\n IBM SDK, Java Technology Edition, Version 7R1 Service Refresh 4\n Fix Pack 15 and subsequent releases:\n 32-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.1.0.0&platform=AIX+32-bit,+pSeries&function=all\n 64-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.1.0.0&platform=AIX+64-bit,+pSeries&function=all\n\n IBM SDK, Java Technology Edition, Version 8 Service Refresh 5\n Fix Pack 5 and subsequent releases:\n 32-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=8.0.0.0&platform=AIX+32-bit,+pSeries&function=all \n 64-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=8.0.0.0&platform=AIX+64-bit,+pSeries&function=all\n\n\nWORKAROUNDS AND MITIGATIONS:\n\n None.\n\n\n===============================================================================\n\nCONTACT US:\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Contact IBM Support for questions related to this announcement:\n\n http://ibm.com/support/\n https://ibm.com/support/\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\nREFERENCES:\n \n Complete CVSS v2 Guide:\n http://www.first.org/cvss/v2/guide \n On-line Calculator v2:\n http://nvd.nist.gov/CVSS-v2-Calculator \n Complete CVSS v3 Guide:\n http://www.first.org/cvss/user-guide \n On-line Calculator v3:\n http://www.first.org/cvss/calculator/3.0 \n IBM Java SDK Security Bulletin:\n http://www-01.ibm.com/support/docview.wss?uid=swg22009849\n\n\nACKNOWLEDGEMENTS:\n\n None.\n\nCHANGE HISTORY:\n\n First Issued: Thu Dec 7 12:20:05 CST 2017\n\n \n===============================================================================\n\n*The CVSS Environment Score is customer environment specific and will \nultimately impact the Overall CVSS Score. Customers can evaluate the impact \nof this vulnerability in their environments by accessing the links in the \nReference section of this Security Bulletin. \n\nDisclaimer\nAccording to the Forum of Incident Response and Security Teams (FIRST), the \nCommon Vulnerability Scoring System (CVSS) is an \"industry open standard \ndesigned to convey vulnerability severity and help to determine urgency and \npriority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY \nOF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS \nFOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT \nOF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n\n\n\n", "edition": 4, "modified": "2017-12-07T12:20:05", "published": "2017-12-07T12:20:05", "id": "JAVA_OCT2017_ADVISORY.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/java_oct2017_advisory.asc", "title": "There are multiple vulnerabilities in IBM SDK Java Technology Edition", "type": "aix", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2017-11-20T00:35:59", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2017-10345"], "description": "### Background\n\nIcedTea\u2019s aim is to provide OpenJDK in a form suitable for easy configuration, compilation and distribution with the primary goal of allowing inclusion in GNU/Linux distributions. \n\n### Description\n\nMultiple vulnerabilities have been discovered in IcedTea. Please review the referenced CVE identifiers for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or gain access to information. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll IcedTea binary users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/icedtea-bin-3.6.0\"", "edition": 1, "modified": "2017-11-19T00:00:00", "published": "2017-11-19T00:00:00", "href": "https://security.gentoo.org/glsa/201711-14", "id": "GLSA-201711-14", "title": "IcedTea: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "amazon": [{"lastseen": "2020-11-10T12:34:39", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2017-10345"], "description": "**Issue Overview:**\n\nMultiple unbounded memory allocations in deserialization (Serialization, 8174109) \nVulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. ([CVE-2017-10281 __](<https://access.redhat.com/security/cve/CVE-2017-10281>))\n\nUnbounded resource use in JceKeyStore deserialization (Serialization, 8181370) \nVulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. ([CVE-2017-10345 __](<https://access.redhat.com/security/cve/CVE-2017-10345>))\n\nInsufficient loader constraints checks for invokespecial (Hotspot, 8180711) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). ([CVE-2017-10346 __](<https://access.redhat.com/security/cve/CVE-2017-10346>))\n\nUnbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323) \nVulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). ([CVE-2017-10347 __](<https://access.redhat.com/security/cve/CVE-2017-10347>))\n\nIncorrect privilege use when handling unreferenced objects (RMI, 8174966) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). ([CVE-2017-10285 __](<https://access.redhat.com/security/cve/CVE-2017-10285>))\n\nWeak protection of key stores against brute forcing (Security, 8181692) \nIt was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store. ([CVE-2017-10356 __](<https://access.redhat.com/security/cve/CVE-2017-10356>))\n\nNo default network operations timeouts in FtpClient (Networking, 8181612) \nIt was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server. ([CVE-2017-10355 __](<https://access.redhat.com/security/cve/CVE-2017-10355>))\n\nHTTP client insufficient check for newline in URLs (Networking, 8176751) \nIt was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request. ([CVE-2017-10295 __](<https://access.redhat.com/security/cve/CVE-2017-10295>))\n\nMultiple unbounded memory allocations in deserialization (Libraries, 8181432) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). ([CVE-2017-10348 __](<https://access.redhat.com/security/cve/CVE-2017-10348>))\n\nUnbounded memory allocation in PredicatedNodeTest deserialization (JAXP, 8181327) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). ([CVE-2017-10349 __](<https://access.redhat.com/security/cve/CVE-2017-10349>))\n\nUnbounded memory allocation in JAXWSExceptionBase deserialization (JAX-WS, 8181100) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). ([CVE-2017-10350 __](<https://access.redhat.com/security/cve/CVE-2017-10350>))\n\nCardImpl incorrect state handling (Smart Card IO, 8169026) \nVulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data as well as unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality and Integrity impacts). ([CVE-2017-10274 __](<https://access.redhat.com/security/cve/CVE-2017-10274>))\n\nUnbounded memory allocation in ObjectInputStream deserialization (Serialization, 8181597) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). ([CVE-2017-10357 __](<https://access.redhat.com/security/cve/CVE-2017-10357>))\n\nUse of unprotected sname in Kerberos client (Libraries, 8178794): \nIt was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients. ([CVE-2017-10388 __](<https://access.redhat.com/security/cve/CVE-2017-10388>))\n\n \n**Affected Packages:** \n\n\njava-1.8.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.8.0-openjdk_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n java-1.8.0-openjdk-src-1.8.0.151-1.b12.35.amzn1.i686 \n java-1.8.0-openjdk-demo-1.8.0.151-1.b12.35.amzn1.i686 \n java-1.8.0-openjdk-devel-1.8.0.151-1.b12.35.amzn1.i686 \n java-1.8.0-openjdk-debuginfo-1.8.0.151-1.b12.35.amzn1.i686 \n java-1.8.0-openjdk-headless-1.8.0.151-1.b12.35.amzn1.i686 \n java-1.8.0-openjdk-1.8.0.151-1.b12.35.amzn1.i686 \n \n noarch: \n java-1.8.0-openjdk-javadoc-1.8.0.151-1.b12.35.amzn1.noarch \n java-1.8.0-openjdk-javadoc-zip-1.8.0.151-1.b12.35.amzn1.noarch \n \n src: \n java-1.8.0-openjdk-1.8.0.151-1.b12.35.amzn1.src \n \n x86_64: \n java-1.8.0-openjdk-debuginfo-1.8.0.151-1.b12.35.amzn1.x86_64 \n java-1.8.0-openjdk-devel-1.8.0.151-1.b12.35.amzn1.x86_64 \n java-1.8.0-openjdk-src-1.8.0.151-1.b12.35.amzn1.x86_64 \n java-1.8.0-openjdk-1.8.0.151-1.b12.35.amzn1.x86_64 \n java-1.8.0-openjdk-demo-1.8.0.151-1.b12.35.amzn1.x86_64 \n java-1.8.0-openjdk-headless-1.8.0.151-1.b12.35.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2017-10-26T19:46:00", "published": "2017-10-26T19:46:00", "id": "ALAS-2017-917", "href": "https://alas.aws.amazon.com/ALAS-2017-917.html", "title": "Critical: java-1.8.0-openjdk", "type": "amazon", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:24", "bulletinFamily": "unix", "cvelist": ["CVE-2017-10357", "CVE-2017-10356", "CVE-2017-10349", "CVE-2017-10281", "CVE-2017-10348", "CVE-2017-10388", "CVE-2017-10355", "CVE-2017-10347", "CVE-2017-10285", "CVE-2017-10350", "CVE-2017-10274", "CVE-2017-10346", "CVE-2017-10295", "CVE-2017-10345"], "description": "[1:1.8.0.151-1.b12]\n- repack policies adapted to new counts and paths\n- note that also c-j-c is needed to make this apply in next update\n- Resolves: rhbz#1499207\n[1:1.8.0.151-0.b12]\n- Correct fix to RH1191652 root patch so existing COMMON_CCXXFLAGS_JDK is not lost.\n- Resolves: rhbz#1499207\n[1:1.8.0.151-0.b12]\n- Update location of policy JAR files following 8157561.\n- Resolves: rhbz#1499207\n[1:1.8.0.151-0.b12]\n- Update SystemTap tapsets to version in IcedTea 3.6.0pre02 to fix RH1492139.\n- Resolves: rhbz#1499207\n[1:1.8.0.151-0.b12]\n- Fix premature shutdown of NSS in SunEC provider.\n- Move -ffp-no-contract fix to local fixes section.\n- Resolves: rhbz#1499207\n[1:1.8.0.151-0.b12]\n- Add 8075484/PR3473/RH1490713 which is listed as being in 8u151 but not supplied by Oracle.\n- Resolves: rhbz#1499207\n[1:1.8.0.151-0.b12]\n- Update to aarch64-jdk8u151-b12.\n- Update location of OpenJDK zlib system library source code in remove-intree-libraries.sh\n- Drop upstreamed patches for 8179084 and RH1367357 (part of 8183028).\n- Update RH1191652 (root) to accomodate 8151841 (GCC 6 support).\n- Update RH1163501 to accomodate 8181048 (crypto refactoring)\n- Resolves: rhbz#1499207", "edition": 6, "modified": "2017-10-20T00:00:00", "published": "2017-10-20T00:00:00", "id": "ELSA-2017-2998", "href": "http://linux.oracle.com/errata/ELSA-2017-2998.html", "title": "java-1.8.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}