Lucene search
Chris BrookTHREATPOST:163A6E502D29C451AA1A20E62CA10C1CHistoryNov 09, 2011 - 5:09 p.m.
Apple Releases New Java Updates, Fix 17 Flaws
2011-11-0917:09:04
Chris Brook
threatpost.com
23
0.972 High
EPSS
Percentile
99.8%
Apple pushed out a new batch of Java updates for Mac OS X 10.6.8 Snow Leopard and 10.7 Lion yesterday, bringing the two operating systems up to date with Oracle’s Java SE 6 Update 29.
In its update summary, Apple claims multiple vulnerabilities exist in Java’s previous build 1.6.0_26, including one that could allow an untrusted applet to execute arbitrary code outside the platform’s sandbox. Another could bring about arbitrary code execution when it comes to the user’s privileges.
The update to version 1.6.0_29 fixes 17 flaws in total including:
- CVE-2011-3389
- CVE-2011-3521
- CVE-2011-3544
- CVE-2011-3545
- CVE-2011-3546
- CVE-2011-3547
- CVE-2011-3548
- CVE-2011-3549
- CVE-2011-3551
- CVE-2011-3552
- CVE-2011-3553
- CVE-2011-3554
- CVE-2011-3556
- CVE-2011-3557
- CVE-2011-3558
- CVE-2011-3560
- CVE-2011-3561
As usual, the update can be downloaded via your computer’s Software Update preferences or from Apple’s Downloads page.
Related
openvas
openvas
Java for Mac OS X 10.6 Update 6 And 10.7 Update 1
2011-11-17 00:00:00
Java for Mac OS X 10.6 Update 6 And 10.7 Update 1
2011-11-17 00:00:00
CentOS Update for java CESA-2011:1380 centos5 x86_64
2012-07-30 00:00:00
nessus
nessus
Mac OS X : Java for Mac OS X 10.6 Update 6 (BEAST)
2011-11-09 00:00:00
Mac OS X : Java for Mac OS X 10.7 Update 1 (BEAST)
2011-11-09 00:00:00
Fedora 16 : java-1.6.0-openjdk-1.6.0.0-60.1.10.4.fc16 (2011-15020) (BEAST)
2011-11-07 00:00:00
securityvulns
securityvulns
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
2011-11-11 00:00:00
Oracle Java multiple security vulnerabilities
2011-11-11 00:00:00
redhat
redhat
(RHSA-2011:1380) Critical: java-1.6.0-openjdk security update
2011-10-18 00:00:00
(RHSA-2012:0034) Critical: java-1.6.0-ibm security update
2012-01-18 00:00:00
(RHSA-2011:1384) Critical: java-1.6.0-sun security update
2011-10-19 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2011-10-18 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-60.1.10.4.fc16
2011-11-05 01:27:14
[SECURITY] Fedora 16 Update: java-1.7.0-openjdk-1.7.0.1-2.0.2.fc16
2011-11-10 17:36:54
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-68.1.11.4.fc16
2012-09-19 03:03:35
centos
centos
java security update
2011-10-19 21:07:19
osv
osv
openjdk-6 - several
2011-12-01 00:00:00
openjdk-6 - several
2011-12-05 00:00:00
amazon
amazon
Critical: java-1.6.0-openjdk
2011-10-31 18:22:00
debian
debian
[SECURITY] [DSA 2356-1] openjdk-6 security update
2011-12-01 20:33:15
[SECURITY] [DSA 2358-1] openjdk-6 security update
2011-12-05 19:26:27
suse
suse
Security update for IBM Java (important)
2012-01-23 17:08:23
Security update for IBM Java 1.6.0 (important)
2012-03-06 21:08:29
Security update for IBM Java 1.4.2 (important)
2012-01-26 04:08:11
ubuntu
ubuntu
OpenJDK 6 regression
2012-01-24 00:00:00
IcedTea-Web, OpenJDK 6 vulnerabilities
2011-11-16 00:00:00
ibm
ibm
Potential Security Vulnerabilities With JavaTM SDKs
2018-06-17 14:01:55
seebug
seebug
IBM Rational AppScan 8.x/7.x 多个安全漏洞
2012-06-16 00:00:00
prion
prion
Design/Logic Flaw
2011-10-19 21:55:00
Design/Logic Flaw
2011-10-19 21:55:00
Design/Logic Flaw
2011-10-19 21:55:00
ubuntucve
ubuntucve
cve
cve
veracode
veracode
Authorization Bypass
2019-05-02 04:55:59
Information Disclosure
2019-05-02 04:56:00
Authorization Bypass
2019-05-02 04:56:00
cert
cert
zdi
zdi
checkpoint_advisories
checkpoint_advisories
Oracle Java Applet Rhino Script Engine Policy Bypass (CVE-2011-3544)
2012-03-19 00:00:00
saint
saint
Oracle Java Rhino Script Engine Code Execution
2011-12-02 00:00:00
Oracle Java Rhino Script Engine Code Execution
2011-12-02 00:00:00