Lucene search

Veracode Vulnerability DatabaseVERACODE:23560

HistoryApr 10, 2020 - 12:30 a.m.

Arbitrary Code Execution

2020-04-1000:30:33

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

java is vulnerable to arbitrary code execution. A flaw in the Java Runtime Environment LDAP client could allow malicious data from an LDAP server to cause arbitrary code to be loaded and then run on an LDAP client.

CPENameOperatorVersion
java-1.6.0-openjdkeq1.6.0.0__0.25.b09.el5
java-1.6.0-ibmeq1.6.0.4__1jpp.1.el5
java-1.6.0-ibmeq1.6.0.4__1jpp.1.el4
java-1.6.0-openjdkeq1.6.0.0__0.25.b09.el5
java-1.6.0-ibmeq1.6.0.4__1jpp.1.el5
java-1.6.0-ibmeq1.6.0.4__1jpp.1.el4

Name	Operator	Version
java-1.6.0-openjdk	eq	1.6.0.0__0.25.b09.el5
java-1.6.0-ibm	eq	1.6.0.4__1jpp.1.el5
java-1.6.0-ibm	eq	1.6.0.4__1jpp.1.el4
java-1.6.0-openjdk	eq	1.6.0.0__0.25.b09.el5
java-1.6.0-ibm	eq	1.6.0.4__1jpp.1.el5
java-1.6.0-ibm	eq	1.6.0.4__1jpp.1.el4

References

blogs.sun.com/security/entry/advance_notification_of_security_updates4

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01745133

lists.opensuse.org/opensuse-security-announce/2009-04/msg00001.html

lists.opensuse.org/opensuse-security-announce/2009-05/msg00003.html

lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

lists.opensuse.org/opensuse-security-announce/2009-07/msg00001.html

marc.info/?l=bugtraq&m=124344236532162&w=2

secunia.com/advisories/34489

secunia.com/advisories/34495

secunia.com/advisories/34496

secunia.com/advisories/34632

secunia.com/advisories/34675

secunia.com/advisories/35156

secunia.com/advisories/35223

secunia.com/advisories/35255

secunia.com/advisories/35416

secunia.com/advisories/35776

secunia.com/advisories/36185

secunia.com/advisories/37386

secunia.com/advisories/37460

security.gentoo.org/glsa/glsa-200911-02.xml

sunsolve.sun.com/search/document.do?assetkey=1-21-118667-19-1

sunsolve.sun.com/search/document.do?assetkey=1-66-254569-1

support.avaya.com/elmodocs2/security/ASA-2009-108.htm

support.avaya.com/elmodocs2/security/ASA-2009-109.htm

www.debian.org/security/2009/dsa-1769

www.mandriva.com/security/advisories?name=MDVSA-2009:137

www.mandriva.com/security/advisories?name=MDVSA-2009:162

www.oracle.com/technetwork/topics/security/cpujul2009-091332.html

www.redhat.com/security/updates/classification/#important

www.redhat.com/support/errata/RHSA-2009-0392.html

www.redhat.com/support/errata/RHSA-2009-0394.html

www.redhat.com/support/errata/RHSA-2009-1038.html

www.securityfocus.com/archive/1/507985/100/0/threaded

www.securityfocus.com/bid/34240

www.securitytracker.com/id?1021893

www.ubuntu.com/usn/usn-748-1

www.vmware.com/security/advisories/VMSA-2009-0016.html

www.vupen.com/english/advisories/2009/1426

www.vupen.com/english/advisories/2009/1900

www.vupen.com/english/advisories/2009/3316

access.redhat.com/errata/RHSA-2009:0377

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11064

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6598

rhn.redhat.com/errata/RHSA-2009-0377.html

rhn.redhat.com/errata/RHSA-2009-1198.html

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Related for VERACODE:23560