Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2013 Greenbone AGOPENVAS:1361412562310865175
HistoryJan 21, 2013 - 12:00 a.m.

Fedora Update for java-1.7.0-openjdk FEDORA-2013-0868

2013-01-2100:00:00
Copyright (C) 2013 Greenbone AG
plugins.openvas.org
14

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_xref(name:"URL", value:"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/096979.html");
  script_oid("1.3.6.1.4.1.25623.1.0.865175");
  script_version("2023-06-22T10:34:14+0000");
  script_tag(name:"last_modification", value:"2023-06-22 10:34:14 +0000 (Thu, 22 Jun 2023)");
  script_tag(name:"creation_date", value:"2013-01-21 09:34:22 +0530 (Mon, 21 Jan 2013)");
  script_xref(name:"CISA", value:"Known Exploited Vulnerability (KEV) catalog");
  script_xref(name:"URL", value:"https://www.cisa.gov/known-exploited-vulnerabilities-catalog");
  script_cve_id("CVE-2012-4681", "CVE-2013-0422", "CVE-2012-3174");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_xref(name:"FEDORA", value:"2013-0868");
  script_name("Fedora Update for java-1.7.0-openjdk FEDORA-2013-0868");
  script_tag(name:"summary", value:"The remote host is missing an update for the 'java-1.7.0-openjdk'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2013 Greenbone AG");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC17");
  script_tag(name:"affected", value:"java-1.7.0-openjdk on Fedora 17");
  script_tag(name:"solution", value:"Please install the updated package(s).");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "FC17")
{

  if ((res = isrpmvuln(pkg:"java-1.7.0-openjdk", rpm:"java-1.7.0-openjdk~1.7.0.9~2.3.4.fc17", rls:"FC17")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

openvas 44
cve 4
attackerkb 3
fedora 9
ubuntucve 3
prion 3
suse 4
nessus 36
oraclelinux 2
threatpost 23
seebug 4
redhat 5
centos 2
ubuntu 1
cert 2
zdi 2
cisa 1
saint 12
thn 7
metasploit 2
canvas 2
cisa_kev 2
securityvulns 4
freebsd 2
checkpoint_advisories 6
myhack58 1
amazon 1
zdt 1
ibm 4
symantec 1
packetstorm 1
veracode 2
exploitdb 1
fireeye 1
securelist 1
openvas
openvas
Fedora Update for java-1.7.0-openjdk FEDORA-2013-0868
2013-01-21 00:00:00
SuSE Update for java-1_7_0-openjdk openSUSE-SU-2013:0199-1 (java-1_7_0-openjdk)
2013-03-11 00:00:00
Oracle Java SE Multiple Remote Code Execution Vulnerabilities - Windows
2013-01-17 00:00:00
cve
cve
CVE-2013-0422
2013-01-10 21:55:00
CVE-2012-3174
2013-01-14 22:55:00
CVE-2012-4681
2012-08-28 00:55:00
attackerkb
attackerkb
CVE-2013-0422
2013-01-10 00:00:00
Java 7 Applet Remote Code Execution
2012-08-28 00:00:00
CVE-2012-4681
2012-08-28 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: java-1.7.0-openjdk-1.7.0.9-2.3.4.fc17
2013-01-16 19:42:39
[SECURITY] Fedora 18 Update: java-1.7.0-openjdk-1.7.0.9-2.3.4.fc18
2013-01-16 19:35:17
[SECURITY] Fedora 17 Update: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.fc17
2013-06-20 02:29:10
ubuntucve
ubuntucve
CVE-2013-0422
2013-01-10 00:00:00
CVE-2012-3174
2013-01-14 00:00:00
CVE-2012-4681
2012-08-28 00:00:00
prion
prion
Design/Logic Flaw
2013-01-10 21:55:00
Design/Logic Flaw
2013-01-14 22:55:00
Design/Logic Flaw
2012-08-28 00:55:00
suse
suse
java-1_7_0-openjdk: update to icedtea-2.3.4 (critical)
2013-01-25 14:04:23
java-1_7_0-openjdk: security fix for remote exploit (critical)
2012-09-12 19:08:39
Security update for IBM Java (important)
2012-09-25 00:09:19
nessus
nessus
RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2013:0156)
2013-01-15 00:00:00
CentOS 5 / 6 : java-1.7.0-openjdk (CESA-2013:0165)
2013-01-17 00:00:00
Fedora 16 : java-1.7.0-openjdk-1.7.0.9-2.3.4.fc16 (2013-0888)
2013-01-17 00:00:00
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2013-01-16 00:00:00
java-1.7.0-openjdk security update
2012-09-03 00:00:00
threatpost
threatpost
Report: Malvertising Campaign Thrives on Dynamic DNS
2013-02-11 20:40:31
Computer Virus Blacks Out Qatari Gas Producer
2012-08-30 16:48:35
Nasty New Java Zero Day Found; Exploit Kits Already Have It
2013-01-10 15:15:21
seebug
seebug
Oracle Java Runtime Environment 未明远程代码执行漏洞(CVE-2012-3174)
2013-01-16 00:00:00
Oracle Java 7 JmxMBeanServer类远程代码执行漏洞
2013-01-14 00:00:00
Java Applet JMX Remote Code Execution
2014-07-01 00:00:00
redhat
redhat
(RHSA-2013:0165) Important: java-1.7.0-openjdk security update
2013-01-16 00:00:00
(RHSA-2013:0156) Critical: java-1.7.0-oracle security update
2013-01-14 00:00:00
(RHSA-2012:1225) Critical: java-1.7.0-oracle security update
2012-09-04 00:00:00
centos
centos
java security update
2013-01-16 20:29:20
java security update
2012-09-03 14:37:23
ubuntu
ubuntu
OpenJDK 7 vulnerabilities
2013-01-16 00:00:00
cert
cert
Java 7 fails to restrict access to privileged code
2013-01-10 00:00:00
Oracle Java JRE 1.7 Expression.execute() and SunToolkit.getField() fail to restrict access to privileged code
2012-08-27 00:00:00
zdi
zdi
Oracle Java Runtime Environment MethodHandle Security Manager Bypass Remote Code Execution Vulnerability
2013-02-01 00:00:00
Oracle Java java.beans.Statement Remote Code Execution Vulnerability
2012-12-21 00:00:00
cisa
cisa
US-CERT Releases Oracle Java JRE 1.7 Security Advisory
2012-08-28 00:00:00
saint
saint
Oracle Java findMethod findClass Security Bypass
2012-08-30 00:00:00
Oracle Java findMethod findClass Security Bypass
2012-08-30 00:00:00
Oracle Java findMethod findClass Security Bypass
2012-08-30 00:00:00
thn
thn
Exploit Packs updated with New Java Zero-Day vulnerability
2013-01-10 18:09:00
Oracle releases patches for Java vulnerability CVE-2012-4681
2012-08-31 22:39:00
Exploit Packs updated with New Java Zero-Day vulnerability
2013-01-10 07:09:00
metasploit
metasploit
Java 7 Applet Remote Code Execution
2012-08-27 09:25:04
Java Applet JMX Remote Code Execution
2013-01-10 19:30:43
canvas
canvas
Immunity Canvas: JAVA_FORNAME_GETFIELD
2012-08-28 00:55:00
Immunity Canvas: JAVA_MBEANINSTANTIATOR_FINDCLASS
2013-01-10 21:55:00
cisa_kev
cisa_kev
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
2022-03-03 00:00:00
Oracle JRE Remote Code Execution Vulnerability
2022-05-25 00:00:00
securityvulns
securityvulns
Java environment limitations bypass
2012-09-02 00:00:00
[SE-2012-01] New security issue affecting Java SE 7 Update 7
2012-09-02 00:00:00
0-day vulnerability in Oracle Java is used to install maliscious software
2013-01-21 00:00:00
freebsd
freebsd
Java 1.7 -- security manager bypass
2012-08-27 00:00:00
java 7.x -- security manager bypass
2013-01-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Java 7 Applet RCE Gondvv (CVE-2012-4681)
2012-08-28 00:00:00
Preemptive Protection against Oracle JRE Restrictions Bypass Remote Code Execution (CVE-2012-4681)
2012-10-01 00:00:00
Oracle Java MBeanInstantiator.findClass Remote Code Execution - Ver2 (CVE-2013-0422)
2014-02-03 00:00:00
myhack58
myhack58
The New Year initial, Java break first 0day-vulnerability warning-the black bar safety net
2013-01-11 00:00:00
amazon
amazon
Important: java-1.7.0-openjdk
2013-02-03 12:35:00
zdt
zdt
Java Applet JMX Remote Code Execution Vulnerability
2013-01-11 00:00:00
ibm
ibm
Security Bulletin: Security vulnerability in Oracle Java 7 impacts IBM Rational Collaborative Lifecycle Management products (CVE-2013-0422)
2018-06-17 04:42:53
Security Bulletin: Security vulnerability in Oracle Java 7 impacts IBM Rational Change (CVE-2013-0422)
2018-06-17 04:42:58
Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Advanced/Enterprise for the Oracle CPU February 2013.
2022-09-25 23:13:40
symantec
symantec
Oracle Java Runtime Environment CVE-2013-0422 Multiple Remote Code Execution Vulnerabilities
2013-01-10 00:00:00
packetstorm
packetstorm
Java Applet JMX Remote Code Execution
2013-01-11 00:00:00
veracode
veracode
Authorization Bypass
2019-01-15 08:53:56
Sandbox Restrictions Bypass
2019-05-02 04:46:00
exploitdb
exploitdb
Java Applet JMX - Remote Code Execution (Metasploit) (1)
2013-01-11 00:00:00
fireeye
fireeye
Internet Explorer 8 Exploit Found in Watering Hole Campaign Targeting Chinese Dissidents
2013-03-20 17:26:00
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON
Related for OPENVAS:1361412562310865175
openvas44cve4attackerkb3fedora9ubuntucve3prion3suse4nessus36oraclelinux2threatpost23seebug4redhat5centos2ubuntu1cert2zdi2cisa1saint12thn7metasploit2canvas2cisa_kev2securityvulns4freebsd2checkpoint_advisories6myhack581amazon1zdt1ibm4symantec1packetstorm1veracode2exploitdb1fireeye1securelist1