Ubuntu USN-814-1 (openjdk-6)

The remote host is missing an update to openjdk-6 announced via advisory USN-814-1. OpenVAS Vulnerability Test $Id: ubuntu8141.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8141.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-814-1 openjdk-6 Authors: Thoma...

USN-814-1: OpenJDK vulnerabilities

It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. CVE-2009-0217 It was discovered that JAR bundles would appear signed if only one element w...

Design/Logic Flaw

JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted 1 applet or 2 application...

Important: Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update

Updated java-1.6.0-openjdk packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. These packages provide the OpenJDK 6 Java Runtime Environment and...