SLES11: Security update for IBM Java 1.6.0

Security update for IBM Java 1.6.0. The remote host is missing updates to packages affecting the security of the system

Reporter	Title	Published	Views	Family All 690
IBM Security Bulletins	Security Bulletin: IBM Security Verify Governance - Identity Manager has multiple vulnerabilities	11 Jul 202407:21	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect embedded rules in IBM Business Automation Workflow	11 Jan 202413:32	–	ibm
IBM Security Bulletins	Security Bulletin: Addressing the Security vulnerability CVE-2022-23437,CVE-2009-2625,CVE-2012-0881,CVE-2013-4002 found in xercesImpl-2.9.1.jar and its previous versions affects ITCAM for Transactions	30 Aug 202311:09	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Xerces2 affect IBM Storage Protect Client, IBM Storage Protect for Virtual Environments, and IBM Storage Protect for Space Management (CVE-2013-4002, CVE-2012-1724, CVE-2012-0881, CVE-2022-23437, CVE-2009-2625)	13 Jul 202313:21	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in Apache XML Security for Java affects IBM Tivoli Business Service Manager (CVE-2013-4517, CVE-2013-2172, CVE-2009-0217, CVE-2021-40690)	6 Oct 202204:39	–	ibm
IBM Security Bulletins	Security Bulletin: Atlas eDiscovery Process Management is affected by a vulnerable org.apache.xerces_2.9.0.v201101211617-4.8.0.jar	8 May 202308:35	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Operational Decision Manager May 2023 - Multiple CVEs	7 Jun 202307:18	–	ibm
IBM Security Bulletins	Security Bulletin: Order Management is subject to vulnerabilities regarding XML service where a remote attacker could exploit this vulnerability.	12 Apr 202417:33	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Call Center is subject to vulnerability regarding an XML service, a remote attacker could exploit this vulnerability to consume available CPU resources.	12 Apr 202417:47	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Content Navigator is affected by Apache Xerces2	29 Mar 202623:41	–	ibm

Source	Link
bugzilla	www.bugzilla.novell.com/show_bug.cgi

#
#VID 27428b62b5ccd6ac2929bae4bea6f2dd
# OpenVAS Vulnerability Test
# $
# Description: Security update for IBM Java 1.6.0
#
# Authors:
# Thomas Reinke <[email protected]>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_summary = "The remote host is missing updates to packages that affect
the security of your system.  One or more of the following packages
are affected:

    java-1_6_0-ibm
    java-1_6_0-ibm-alsa
    java-1_6_0-ibm-fonts
    java-1_6_0-ibm-jdbc
    java-1_6_0-ibm-plugin


More details may also be found by searching for the SuSE
Enterprise Server 11 patch database located at
http://download.novell.com/patch/finder/";

tag_solution = "Please install the updates provided by SuSE.";

if(description)
{
 script_xref(name : "URL" , value : "https://bugzilla.novell.com/show_bug.cgi?id=548655");
 script_id(66230);
 script_version("$Revision: 6666 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $");
 script_tag(name:"creation_date", value:"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)");
 script_cve_id("CVE-2009-2676", "CVE-2009-2493", "CVE-2009-2670", "CVE-2009-0217", "CVE-2009-2671", "CVE-2009-2672", "CVE-2009-2673", "CVE-2009-2674", "CVE-2009-2675", "CVE-2009-2625");
 script_tag(name:"cvss_base", value:"10.0");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_name("SLES11: Security update for IBM Java 1.6.0");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
 script_family("SuSE Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms");
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-rpm.inc");

res = "";
report = "";
if ((res = isrpmvuln(pkg:"java-1_6_0-ibm", rpm:"java-1_6_0-ibm~1.6.0_sr6~1.1.1", rls:"SLES11.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"java-1_6_0-ibm-alsa", rpm:"java-1_6_0-ibm-alsa~1.6.0_sr6~1.1.1", rls:"SLES11.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"java-1_6_0-ibm-fonts", rpm:"java-1_6_0-ibm-fonts~1.6.0_sr6~1.1.1", rls:"SLES11.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"java-1_6_0-ibm-jdbc", rpm:"java-1_6_0-ibm-jdbc~1.6.0_sr6~1.1.1", rls:"SLES11.0")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"java-1_6_0-ibm-plugin", rpm:"java-1_6_0-ibm-plugin~1.6.0_sr6~1.1.1", rls:"SLES11.0")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

11 Jul 2017 00:00Current

0.3Low risk

Vulners AI Score0.3

EPSS0.52563

ibm java sles11 suse enterprise server 11 patch gnu general license cve-2009-2676 cvss级别:10.0 vulnerability package vendorfix.