VARIoT IoT vulnerabilities database
VAR-201201-0154 | CVE-2012-0919 | Hitachi IT Operations Director Cross-Site Scripting Vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Director 02-50-01 through 02-50-07, 03-00 through 03-00-04, and possibly other versions before 03-00-06, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Hitachi IT Operation is used for system management. Hitachi IT Operation has cross-site scripting attacks on multiple products. Remote attackers can use the vulnerabilities to obtain sensitive information or hijack user sessions.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
----------------------------------------------------------------------
TITLE:
Hitachi IT Operations Analyzer Unspecified Cross-Site Scripting
Vulnerability
SECUNIA ADVISORY ID:
SA47467
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/47467/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=47467
RELEASE DATE:
2012-01-10
DISCUSS ADVISORY:
http://secunia.com/advisories/47467/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/47467/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47467
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Hitachi IT Operations Analyzer,
which can be exploited by malicious people to conduct cross-site
scripting attacks.
Certain unspecified input is not properly sanitised before being
returned to the user.
The vulnerability is reported in versions 02-01, 02-51 through
02-51-01, and 02-53 through 02-53-02.
SOLUTION:
Filter malicious characters and character sequences using a proxy.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
Hitachi (English):
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-001/index.html
Hitachi (Japanese):
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS12-001/index.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
.
SOLUTION:
Update or upgrade to version 03-00-06
VAR-201112-0312 | CVE-2011-2769 | Tor Enumerated bridge vulnerabilities |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enumerate bridges by using these values. Tor (The Onion Router) is an implementation of the second generation of onion routing, which allows users to communicate anonymously over the Internet. Tor has security holes in its implementation that can be exploited by malicious users to disclose sensitive information. This vulnerability is caused by the client reusing a TLS certificate on some connections. Simulate a user's detection of multiple protection relays by using a user certificate identification key to determine the connection status of the user. Tor is prone to a remote information-disclosure vulnerability and a bridge enumeration weakness.
Exploits will allow attackers to obtain sensitive information that can help them launch further attacks.
Versions prior to Tor 0.2.2.34 are vulnerable. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Tor TLS Certificate Reuse User De-Anonymisation Security Issue
SECUNIA ADVISORY ID:
SA46634
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46634/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46634
RELEASE DATE:
2011-10-28
DISCUSS ADVISORY:
http://secunia.com/advisories/46634/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46634/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46634
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A security issue has been reported in Tor, which can be exploited by
malicious people to disclose potentially sensitive information. This can be exploited to e.g.
fingerprint and de-anonymise a user by e.g.
Note: Additionally, enhancement have been made to protect against
bridge enumeration attacks.
SOLUTION:
Update to version 0.2.2.34.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits frosty_un.
ORIGINAL ADVISORY:
https://blog.torproject.org/blog/tor-02234-released-security-patches
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
.
Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might
allow remote attackers to cause a denial of service (daemon crash)
via vectors related to failed DNS requests (CVE-2012-3517).
The networkstatus_parse_vote_from_string function in routerparse.c
in Tor before 0.2.2.38 does not properly handle an invalid flavor
name, which allows remote attackers to cause a denial of service
(out-of-bounds read and daemon crash) via a crafted (1) vote document
or (2) consensus document (CVE-2012-3518).
routerlist.c in Tor before 0.2.2.38 uses a different amount of time
for relay-list iteration depending on which relay is chosen, which
might allow remote attackers to obtain sensitive information about
relay selection via a timing side-channel attack (CVE-2012-3519).
The compare_tor_addr_to_addr_policy function in or/policies.c in
Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote
attackers to cause a denial of service (assertion failure and daemon
exit) via a zero-valued port field that is not properly handled during
policy comparison (CVE-2012-4419).
Tor before 0.2.2.39, when waiting for a client to renegotiate, allowed
it to add bytes to the input buffer, allowing a crash to be caused
remotely (tor-5934, tor-6007).
Denial of Service vulnerability in Tor before 0.2.3.25, due to an
error when handling SENDME cells and can be exploited to cause
excessive consumption of memory resources within an entry node
(SA51329, CVE-2012-5573).
The version of Tor shipped in MBS1 did not have correctly formed
systemd unit and thus failed to start.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2768
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2769
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3517
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3518
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5573
https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0184
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0276
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0356
_______________________________________________________________________
Updated Packages:
Mandriva Business Server 1/X86_64:
8cadc920e4452cd2a3551a3cb01d9fcf mbs1/x86_64/tor-0.2.2.39-1.mbs1.x86_64.rpm
7cbba7170bc4f9e6ee8409398437570c mbs1/SRPMS/tor-0.2.2.39-1.mbs1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA-2331-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
October 28, 2011 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : tor
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-2768 CVE-2011-2769
It has been discovered by "frosty_un" that a design flaw in Tor, an online
privacy tool, allows malicious relay servers to learn certain information
that they should not be able to learn. In combination with other attacks, this issue
can lead to deanonymizing the user. The Common Vulnerabilities and
Exposures project has assigned CVE-2011-2768 to this issue.
In addition to fixing the above mentioned issues, the updates to oldstable
and stable fix a number of less critical issues (CVE-2011-2769). Please
see this posting from the Tor blog for more information:
https://blog.torproject.org/blog/tor-02234-released-security-patches
For the oldstable distribution (lenny), this problem has been fixed in
version 0.2.1.31-1~lenny+1. Due to technical limitations in the Debian
archive scripts, the update cannot be released synchronously with the
packages for stable. It will be released shortly.
For the stable distribution (squeeze), this problem has been fixed in
version 0.2.1.31-1.
For the unstable and testing distributions, this problem has been fixed in
version 0.2.2.34-1.
For the experimental distribution, this problem have has fixed in version
0.2.3.6-alpha-1.
We recommend that you upgrade your tor packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk6q1UIACgkQXm3vHE4uylrH1ACg6Y7x6by9MtC6d2whbYQvf0sV
qdgAoM3IeWEe985DCPmvdBDHmEQBDzpk
=HWr2
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201201-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Tor: Multiple vulnerabilities
Date: January 23, 2012
Bugs: #388769, #394969
ID: 201201-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in Tor, the most severe of
which may allow a remote attacker to execute arbitrary code.
* When configured as a bridge, Tor relays can distinguish incoming
bridge connections from client connections (CVE-2011-2769).
* An error in or/buffers.c could result in a heap-based buffer overflow
(CVE-2011-2778).
Impact
======
A remote attacker could possibly execute arbitrary code or cause a
Denial of Service.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Tor users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/tor-0.2.2.35"
References
==========
[ 1 ] CVE-2011-2768
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2768
[ 2 ] CVE-2011-2769
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2769
[ 3 ] CVE-2011-2778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2778
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-12.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
VAR-201112-0238 | CVE-2011-4836 |
HomeSeer HS2 Cross-Site Scripting Vulnerability
Related entries in the VARIoT exploits database: VAR-E-201112-0030 |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI. HomeSeer HS2 home automation software web interface contains multiple vulnerabilities. An attacker can request a WEB page like http://ipaddress/example<script>alert(document.cookie)</script> to store JavaScript in In the log view page. Viewing the log file by the administrator can cause JavaScript to execute in the target browser. A successful CSRFG attack allows an attacker to run commands as an administrator user. An HTML-injection vulnerability.
2. A cross-site request-forgery vulnerability.
3. A directory-traversal vulnerability.
Attackers can exploit these issues to perform certain actions in the context of an authorized user's session, run arbitrary HTML and script code, and transfer files outside of the web directory. Other attacks may also be possible.
HomeSeer HS2 2.5.0.20 is vulnerable; prior versions may also be affected. ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
----------------------------------------------------------------------
TITLE:
HomeSeer HS2 Cross-Site Request Forgery and Script Insertion
Vulnerabilities
SECUNIA ADVISORY ID:
SA47191
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/47191/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=47191
RELEASE DATE:
2011-12-09
DISCUSS ADVISORY:
http://secunia.com/advisories/47191/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/47191/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47191
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Two vulnerabilities have been discovered in HomeSeer HS2, which can
be exploited by malicious people to conduct cross-site request
forgery and script insertion attacks.
1) Input passed via the URL is not properly sanitised before being
used.
2) The application allows users to perform certain actions via HTTP
requests without performing any validity checks to verify the
requests. This can be exploited to e.g. execute commands on a system
by tricking a user into visiting a malicious web site.
The vulnerabilities are confirmed in version 2.5.0.23.
SOLUTION:
Filter malicious characters and character sequences in a proxy. Do
not browse untrusted websites or follow untrusted links while logged
in to the application.
PROVIDED AND/OR DISCOVERED BY:
US-CERT credits Silent Dream
ORIGINAL ADVISORY:
US-CERT (VU#796883):
http://www.kb.cert.org/vuls/id/796883
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-201112-0239 | CVE-2011-4837 |
HomeSeer HS2 Cross-Site Request Forgery Vulnerability
Related entries in the VARIoT exploits database: VAR-E-201112-0030 |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitrary programs. HomeSeer HS2 home automation software web interface contains multiple vulnerabilities. An attacker can request a WEB page like http://ipaddress/example<script>alert(document.cookie)</script> to store JavaScript in In the log view page. Viewing the log file by the administrator can cause JavaScript to execute in the target browser. A successful CSRFG attack allows an attacker to run commands as an administrator user. An HTML-injection vulnerability.
2. A cross-site request-forgery vulnerability.
3. A directory-traversal vulnerability.
Attackers can exploit these issues to perform certain actions in the context of an authorized user's session, run arbitrary HTML and script code, and transfer files outside of the web directory. Other attacks may also be possible.
HomeSeer HS2 2.5.0.20 is vulnerable; prior versions may also be affected. ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
----------------------------------------------------------------------
TITLE:
HomeSeer HS2 Cross-Site Request Forgery and Script Insertion
Vulnerabilities
SECUNIA ADVISORY ID:
SA47191
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/47191/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=47191
RELEASE DATE:
2011-12-09
DISCUSS ADVISORY:
http://secunia.com/advisories/47191/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/47191/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47191
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Two vulnerabilities have been discovered in HomeSeer HS2, which can
be exploited by malicious people to conduct cross-site request
forgery and script insertion attacks.
1) Input passed via the URL is not properly sanitised before being
used.
2) The application allows users to perform certain actions via HTTP
requests without performing any validity checks to verify the
requests. This can be exploited to e.g. execute commands on a system
by tricking a user into visiting a malicious web site.
The vulnerabilities are confirmed in version 2.5.0.23.
SOLUTION:
Filter malicious characters and character sequences in a proxy. Do
not browse untrusted websites or follow untrusted links while logged
in to the application.
PROVIDED AND/OR DISCOVERED BY:
US-CERT credits Silent Dream
ORIGINAL ADVISORY:
US-CERT (VU#796883):
http://www.kb.cert.org/vuls/id/796883
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-201112-0149 | CVE-2011-4051 |
InduSoft Web Studio 'CEServer' Remote code execution vulnerability
Related entries in the VARIoT exploits database: VAR-E-201111-0106 |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control. Authentication is not required to exploit this vulnerability.The flaw exists within the Remote Agent component (CEServer.exe) which listens by default on TCP port 4322. When handling incoming requests the process fails to perform any type of authentication. InduSoft Web Studio is a powerful and complete graphics control software that includes tools for developing Human Machine Interface (HMI), Management Control, Data Acquisition System (SCADA) and embedded control. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ZDI-11-330 : InduSoft WebStudio Unauthenticated Remote Operations
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-330
November 16, 2011
- -- CVE ID:
CVE-2011-4051
- -- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
- -- Affected Vendors:
Indusoft
- -- Affected Products:
Indusoft WebStudio
- -- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 11473. Authentication is not
required to exploit this vulnerability.
- -- Vendor Response:
Indusoft has issued an update to correct this vulnerability. More
details can be found at:
http://www.indusoft.com/hotfixes/hotfixes.php
- -- Disclosure Timeline:
2011-04-27 - Vulnerability reported to vendor
2011-11-16 - Coordinated public release of advisory
- -- Credit:
This vulnerability was discovered by:
* Luigi Auriemma
- -- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is
used. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
iQEcBAEBAgAGBQJOw/QMAAoJEFVtgMGTo1sc8v0IAJk2gKvTpcirXBUMyNtvwDAN
042nyN5QUvS31Litol+BSykbe1rAaozIAoePXdk3b3TrRLA8I94oasct2iyZ0HOy
0fySTePXckdm1+F606LqV3++wkcr0YmuX1rUeQcZNbuY0Pna0kySt66vKjPnjIsF
4aSBEWayFl2Oc/ja4UCw3vnvLQzqM4XETc5mAsMaNk5SEAyHuwNGSpjdqf9VYygj
MoO2uRL3H8FMPQOAtPNF3PO9EoYUUx/SIV6Gv6pGgvnKZ/le7pnBdFTGXq94iCUt
Vo3QvLF8x/C+3vTr1Mw0HafzvW0uUuG8SI8h9j+LIl7jc8Q+K4wVusB8egBlj0Q=
=1X8g
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
----------------------------------------------------------------------
TITLE:
InduSoft Web Studio CEServer Security Bypass and Buffer Overflow
Vulnerabilities
SECUNIA ADVISORY ID:
SA46871
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46871/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46871
RELEASE DATE:
2011-11-16
DISCUSS ADVISORY:
http://secunia.com/advisories/46871/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46871/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46871
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A security issue and a vulnerability have been reported in InduSoft
Web Studio, which can be exploited by malicious people to bypass
certain security restrictions and compromise a vulnerable system.
2) A boundary error within the remote agent component (CEServer.exe)
when handling the remove file operation (0x15) can be exploited to
cause a stack-based buffer overflow.
The security issue and the vulnerability are reported in versions
prior to 7.0 Service Pack 1 Patch 1.
SOLUTION:
Apply Service Pack 1 Patch 1.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits Luigi Auriemma via ZDI.
ORIGINAL ADVISORY:
InduSoft:
http://www.indusoft.com/hotfixes/hotfixes.php
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-319-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-201111-0177 | CVE-2011-4498 | Zenprise Device Manager Cross-Site Request Forgery Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Cross-site request forgery (CSRF) vulnerability in the web console in Zenprise Device Manager 6.x through 6.1.8 allows remote attackers to hijack the authentication of administrators for requests that wipe mobile devices. Zenprise Inc. Zenprise Inc. Provided by Zenprise Device Manager Is software for managing mobile devices. An attacker could exploit the vulnerability to perform certain administrative actions and unauthorized access to the affected application. Other attacks are also possible. ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
----------------------------------------------------------------------
TITLE:
Zenprise Device Manager Web Console Cross-Site Request Forgery
Vulnerability
SECUNIA ADVISORY ID:
SA46937
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46937/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46937
RELEASE DATE:
2011-11-21
DISCUSS ADVISORY:
http://secunia.com/advisories/46937/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46937/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46937
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Zenprise Device Manager, which
can be exploited by malicious people to conduct cross-site request
forgery attacks.
The web console allows users to perform certain actions via HTTP
requests without performing any validity checks to verify the
requests. This can be exploited to e.g. execute commands on a device
by tricking an administrative user into visiting a malicious web
site.
The vulnerability is reported in versions 6.0 through 6.1.8.
SOLUTION:
Apply patch
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
US-CERT credits Laurent Oudot, TEHTRI-Security.
ORIGINAL ADVISORY:
US-CERT (VU#584363):
http://www.kb.cert.org/vuls/id/584363
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
VAR-201110-0393 | CVE-2011-3546 | Oracle Java SE of Java Runtime Environment (JRE) Component vulnerabilities |
CVSS V2: 5.8 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity via unknown vectors related to Deployment.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Deployment' sub-component.
This vulnerability affects the following supported versions:
JDK and JRE 7, 6 Update 27, JavaFX 2.0. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: November 05, 2011
Bugs: #340421, #354213, #370559, #387851
ID: 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jre-bin < 1.6.0.29 >= 1.6.0.29 *
2 app-emulation/emul-linux-x86-java
< 1.6.0.29 >= 1.6.0.29 *
3 dev-java/sun-jdk < 1.6.0.29 >= 1.6.0.29 *
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
3 affected packages
-------------------------------------------------------------------
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation.
Impact
======
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.6.0.29"
All Oracle JRE 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.6.0.29"
All users of the precompiled 32-bit Oracle JRE 1.6 should upgrade to
the latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.6.0.29"
NOTE: As Oracle has revoked the DLJ license for its Java
implementation, the packages can no longer be updated automatically.
This limitation is not present on a non-fetch restricted implementation
such as dev-java/icedtea-bin.
References
==========
[ 1 ] CVE-2010-3541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541
[ 2 ] CVE-2010-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548
[ 3 ] CVE-2010-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549
[ 4 ] CVE-2010-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3550
[ 5 ] CVE-2010-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551
[ 6 ] CVE-2010-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3552
[ 7 ] CVE-2010-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553
[ 8 ] CVE-2010-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554
[ 9 ] CVE-2010-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3555
[ 10 ] CVE-2010-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3556
[ 11 ] CVE-2010-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557
[ 12 ] CVE-2010-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3558
[ 13 ] CVE-2010-3559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3559
[ 14 ] CVE-2010-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3560
[ 15 ] CVE-2010-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561
[ 16 ] CVE-2010-3562
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562
[ 17 ] CVE-2010-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3563
[ 18 ] CVE-2010-3565
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565
[ 19 ] CVE-2010-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566
[ 20 ] CVE-2010-3567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567
[ 21 ] CVE-2010-3568
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568
[ 22 ] CVE-2010-3569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569
[ 23 ] CVE-2010-3570
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3570
[ 24 ] CVE-2010-3571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3571
[ 25 ] CVE-2010-3572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3572
[ 26 ] CVE-2010-3573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573
[ 27 ] CVE-2010-3574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574
[ 28 ] CVE-2010-4422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4422
[ 29 ] CVE-2010-4447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4447
[ 30 ] CVE-2010-4448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448
[ 31 ] CVE-2010-4450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450
[ 32 ] CVE-2010-4451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4451
[ 33 ] CVE-2010-4452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4452
[ 34 ] CVE-2010-4454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4454
[ 35 ] CVE-2010-4462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4462
[ 36 ] CVE-2010-4463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4463
[ 37 ] CVE-2010-4465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465
[ 38 ] CVE-2010-4466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4466
[ 39 ] CVE-2010-4467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467
[ 40 ] CVE-2010-4468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4468
[ 41 ] CVE-2010-4469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469
[ 42 ] CVE-2010-4470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470
[ 43 ] CVE-2010-4471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471
[ 44 ] CVE-2010-4472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472
[ 45 ] CVE-2010-4473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4473
[ 46 ] CVE-2010-4474
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4474
[ 47 ] CVE-2010-4475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4475
[ 48 ] CVE-2010-4476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476
[ 49 ] CVE-2011-0802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802
[ 50 ] CVE-2011-0814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814
[ 51 ] CVE-2011-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815
[ 52 ] CVE-2011-0862
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862
[ 53 ] CVE-2011-0863
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863
[ 54 ] CVE-2011-0864
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864
[ 55 ] CVE-2011-0865
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865
[ 56 ] CVE-2011-0867
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867
[ 57 ] CVE-2011-0868
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868
[ 58 ] CVE-2011-0869
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869
[ 59 ] CVE-2011-0871
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871
[ 60 ] CVE-2011-0872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872
[ 61 ] CVE-2011-0873
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873
[ 62 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 63 ] CVE-2011-3516
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3516
[ 64 ] CVE-2011-3521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521
[ 65 ] CVE-2011-3544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544
[ 66 ] CVE-2011-3545
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3545
[ 67 ] CVE-2011-3546
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3546
[ 68 ] CVE-2011-3547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547
[ 69 ] CVE-2011-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548
[ 70 ] CVE-2011-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3549
[ 71 ] CVE-2011-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3550
[ 72 ] CVE-2011-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551
[ 73 ] CVE-2011-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552
[ 74 ] CVE-2011-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553
[ 75 ] CVE-2011-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554
[ 76 ] CVE-2011-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3555
[ 77 ] CVE-2011-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556
[ 78 ] CVE-2011-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557
[ 79 ] CVE-2011-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558
[ 80 ] CVE-2011-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560
[ 81 ] CVE-2011-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3561
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-sun security update
Advisory ID: RHSA-2011:1384-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1384.html
Issue date: 2011-10-19
CVE Names: CVE-2011-3389 CVE-2011-3516 CVE-2011-3521
CVE-2011-3544 CVE-2011-3545 CVE-2011-3546
CVE-2011-3547 CVE-2011-3548 CVE-2011-3549
CVE-2011-3550 CVE-2011-3551 CVE-2011-3552
CVE-2011-3553 CVE-2011-3554 CVE-2011-3555
CVE-2011-3556 CVE-2011-3557 CVE-2011-3558
CVE-2011-3560 CVE-2011-3561
=====================================================================
1. Summary:
Updated java-1.6.0-sun packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch page, listed in the References section.
All running instances of Sun Java must be restarted for the update to take
effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640)
745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)
745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)
745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)
745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466)
745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)
745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)
745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)
745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134)
747191 - CVE-2011-3545 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Sound)
747198 - CVE-2011-3549 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Swing)
747200 - CVE-2011-3550 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (AWT)
747203 - CVE-2011-3516 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747205 - CVE-2011-3546 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747206 - CVE-2011-3555 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (JRE)
747208 - CVE-2011-3561 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
6. Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Desktop version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-3389.html
https://www.redhat.com/security/data/cve/CVE-2011-3516.html
https://www.redhat.com/security/data/cve/CVE-2011-3521.html
https://www.redhat.com/security/data/cve/CVE-2011-3544.html
https://www.redhat.com/security/data/cve/CVE-2011-3545.html
https://www.redhat.com/security/data/cve/CVE-2011-3546.html
https://www.redhat.com/security/data/cve/CVE-2011-3547.html
https://www.redhat.com/security/data/cve/CVE-2011-3548.html
https://www.redhat.com/security/data/cve/CVE-2011-3549.html
https://www.redhat.com/security/data/cve/CVE-2011-3550.html
https://www.redhat.com/security/data/cve/CVE-2011-3551.html
https://www.redhat.com/security/data/cve/CVE-2011-3552.html
https://www.redhat.com/security/data/cve/CVE-2011-3553.html
https://www.redhat.com/security/data/cve/CVE-2011-3554.html
https://www.redhat.com/security/data/cve/CVE-2011-3555.html
https://www.redhat.com/security/data/cve/CVE-2011-3556.html
https://www.redhat.com/security/data/cve/CVE-2011-3557.html
https://www.redhat.com/security/data/cve/CVE-2011-3558.html
https://www.redhat.com/security/data/cve/CVE-2011-3560.html
https://www.redhat.com/security/data/cve/CVE-2011-3561.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOnw+BXlSAg2UNWIIRArM2AJwNT0vxdrXLgkZjOCwP8LkDemBYzQCbBrE3
0MJzQCB587rTzSRSo+gGytc=
=809z
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac
OS X 10.6 Update 6
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
are now available and address the following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
Mac OS X v10.7.2, Mac OS X Server v10.7.2
Impact: Multiple vulnerabilities in Java 1.6.0_26
Description: Multiple vulnerabilities exist in Java 1.6.0_26, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_29.
Further information is available via the Java website at
http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
CVE-ID
CVE-2011-3389
CVE-2011-3521
CVE-2011-3544
CVE-2011-3545
CVE-2011-3546
CVE-2011-3547
CVE-2011-3548
CVE-2011-3549
CVE-2011-3551
CVE-2011-3552
CVE-2011-3553
CVE-2011-3554
CVE-2011-3556
CVE-2011-3557
CVE-2011-3558
CVE-2011-3560
CVE-2011-3561
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
may be obtained from the Software Update pane in System Preferences,
or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: be0ac75b8bac967f1d39a94ebf9482a61fb7d70b
For Mac OS X v10.7 systems
The download file is named: JavaForMacOSX10.7.dmg
Its SHA-1 digest is: 7768e6aeb5adaa638c74d4c04150517ed99fed20
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJOuZNKAAoJEGnF2JsdZQeece8H/1I98YQ1LF4iDD442zB+WjZP
2Vxd3euXYwySD6qDCYNLJ0hUKu90c/4nr5d5rRH3xYdBzAHuZG39m069lpN1UZIW
t5ube+j9zjiejnXlPbAgq+vIAg22nu0EdxhOOZZeQOoEYqyoKhXNCt3fR+tzo3o4
mN/LWMO1NwrM0sGDPuUGs2TWdPZbC4QJJz4Z4S+FsTlujYh9MRd3dyxLBIg7BKCL
wgnFdpFW8bPmVdiTj91pC0Gb3XtolQxexXGHsdI15KeFMbQ06nKV/AyvxMF8O5jS
D089GEHE52NAQCZ0YJ6TJsisrGqTZZ77js55cPU259FogxEKKBuwfdFbn4qVeD8=
=4KBF
-----END PGP SIGNATURE-----
.
Release Date: 2012-01-23
Last Updated: 2012-01-23
------------------------------------------------------------------------------
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.12 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2011-3389 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-3516 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3521 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3544 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3545 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3546 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8
CVE-2011-3547 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3548 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3549 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3550 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3551 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2011-3552 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2011-3553 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5
CVE-2011-3554 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3556 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-3557 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2011-3558 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3560 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2011-3561 (AV:A/AC:H/Au:N/C:P/I:N/A:N) 1.8
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrades to resolve these vulnerabilities. This bulletin will be revised as other upgrades for additional supported Java versions become available.
The upgrades are available from the following location
http://www.hp.com/go/java
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.13 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v6.0.12 and earlier, update to Java v6.0.13 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
===========
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
Jdk60.JDK60-COM
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
action: install revision 1.6.0.13.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 23 January 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
VAR-201110-0381 | CVE-2011-3550 | Oracle Java SE of Java Runtime Environment (JRE) Component vulnerabilities |
CVSS V2: 7.6 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT.
The vulnerability can be exploited over multiple protocols. This issue affects the 'AWT' sub-component.
This vulnerability affects the following supported versions:
JDK and JRE 7, 6 Update 27. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: November 05, 2011
Bugs: #340421, #354213, #370559, #387851
ID: 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jre-bin < 1.6.0.29 >= 1.6.0.29 *
2 app-emulation/emul-linux-x86-java
< 1.6.0.29 >= 1.6.0.29 *
3 dev-java/sun-jdk < 1.6.0.29 >= 1.6.0.29 *
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
3 affected packages
-------------------------------------------------------------------
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation.
Impact
======
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.6.0.29"
All Oracle JRE 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.6.0.29"
All users of the precompiled 32-bit Oracle JRE 1.6 should upgrade to
the latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.6.0.29"
NOTE: As Oracle has revoked the DLJ license for its Java
implementation, the packages can no longer be updated automatically.
This limitation is not present on a non-fetch restricted implementation
such as dev-java/icedtea-bin.
References
==========
[ 1 ] CVE-2010-3541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541
[ 2 ] CVE-2010-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548
[ 3 ] CVE-2010-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549
[ 4 ] CVE-2010-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3550
[ 5 ] CVE-2010-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551
[ 6 ] CVE-2010-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3552
[ 7 ] CVE-2010-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553
[ 8 ] CVE-2010-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554
[ 9 ] CVE-2010-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3555
[ 10 ] CVE-2010-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3556
[ 11 ] CVE-2010-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557
[ 12 ] CVE-2010-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3558
[ 13 ] CVE-2010-3559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3559
[ 14 ] CVE-2010-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3560
[ 15 ] CVE-2010-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561
[ 16 ] CVE-2010-3562
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562
[ 17 ] CVE-2010-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3563
[ 18 ] CVE-2010-3565
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565
[ 19 ] CVE-2010-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566
[ 20 ] CVE-2010-3567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567
[ 21 ] CVE-2010-3568
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568
[ 22 ] CVE-2010-3569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569
[ 23 ] CVE-2010-3570
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3570
[ 24 ] CVE-2010-3571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3571
[ 25 ] CVE-2010-3572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3572
[ 26 ] CVE-2010-3573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573
[ 27 ] CVE-2010-3574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574
[ 28 ] CVE-2010-4422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4422
[ 29 ] CVE-2010-4447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4447
[ 30 ] CVE-2010-4448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448
[ 31 ] CVE-2010-4450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450
[ 32 ] CVE-2010-4451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4451
[ 33 ] CVE-2010-4452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4452
[ 34 ] CVE-2010-4454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4454
[ 35 ] CVE-2010-4462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4462
[ 36 ] CVE-2010-4463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4463
[ 37 ] CVE-2010-4465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465
[ 38 ] CVE-2010-4466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4466
[ 39 ] CVE-2010-4467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467
[ 40 ] CVE-2010-4468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4468
[ 41 ] CVE-2010-4469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469
[ 42 ] CVE-2010-4470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470
[ 43 ] CVE-2010-4471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471
[ 44 ] CVE-2010-4472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472
[ 45 ] CVE-2010-4473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4473
[ 46 ] CVE-2010-4474
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4474
[ 47 ] CVE-2010-4475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4475
[ 48 ] CVE-2010-4476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476
[ 49 ] CVE-2011-0802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802
[ 50 ] CVE-2011-0814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814
[ 51 ] CVE-2011-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815
[ 52 ] CVE-2011-0862
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862
[ 53 ] CVE-2011-0863
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863
[ 54 ] CVE-2011-0864
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864
[ 55 ] CVE-2011-0865
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865
[ 56 ] CVE-2011-0867
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867
[ 57 ] CVE-2011-0868
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868
[ 58 ] CVE-2011-0869
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869
[ 59 ] CVE-2011-0871
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871
[ 60 ] CVE-2011-0872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872
[ 61 ] CVE-2011-0873
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873
[ 62 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 63 ] CVE-2011-3516
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3516
[ 64 ] CVE-2011-3521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521
[ 65 ] CVE-2011-3544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544
[ 66 ] CVE-2011-3545
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3545
[ 67 ] CVE-2011-3546
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3546
[ 68 ] CVE-2011-3547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547
[ 69 ] CVE-2011-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548
[ 70 ] CVE-2011-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3549
[ 71 ] CVE-2011-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3550
[ 72 ] CVE-2011-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551
[ 73 ] CVE-2011-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552
[ 74 ] CVE-2011-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553
[ 75 ] CVE-2011-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554
[ 76 ] CVE-2011-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3555
[ 77 ] CVE-2011-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556
[ 78 ] CVE-2011-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557
[ 79 ] CVE-2011-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558
[ 80 ] CVE-2011-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560
[ 81 ] CVE-2011-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3561
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Hitachi Cosminexus Products Java Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46694
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46694/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
RELEASE DATE:
2011-11-08
DISCUSS ADVISORY:
http://secunia.com/advisories/46694/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46694/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Hitachi has acknowledged multiple vulnerabilities in Hitachi
Cosminexus products, which can be exploited by malicious users to
disclose certain information and by malicious people to disclose
potentially sensitive information, hijack a user's session, conduct
DNS cache poisoning attacks, manipulate certain data, cause a DoS
(Denial of Service), and compromise a vulnerable system.
The vulnerabilities are caused due to vulnerabilities in the bundled
version of Cosminexus Developer's Kit for Java.
For more information:
SA46512
Please see the vendor's advisory for a list of affected products.
SOLUTION:
Update to a fixed version. Please see the vendor's advisory for
details.
ORIGINAL ADVISORY:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-024/index.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-sun security update
Advisory ID: RHSA-2011:1384-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1384.html
Issue date: 2011-10-19
CVE Names: CVE-2011-3389 CVE-2011-3516 CVE-2011-3521
CVE-2011-3544 CVE-2011-3545 CVE-2011-3546
CVE-2011-3547 CVE-2011-3548 CVE-2011-3549
CVE-2011-3550 CVE-2011-3551 CVE-2011-3552
CVE-2011-3553 CVE-2011-3554 CVE-2011-3555
CVE-2011-3556 CVE-2011-3557 CVE-2011-3558
CVE-2011-3560 CVE-2011-3561
=====================================================================
1. Summary:
Updated java-1.6.0-sun packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch page, listed in the References section.
All running instances of Sun Java must be restarted for the update to take
effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640)
745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)
745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)
745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)
745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466)
745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)
745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)
745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)
745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134)
747191 - CVE-2011-3545 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Sound)
747198 - CVE-2011-3549 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Swing)
747200 - CVE-2011-3550 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (AWT)
747203 - CVE-2011-3516 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747205 - CVE-2011-3546 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747206 - CVE-2011-3555 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (JRE)
747208 - CVE-2011-3561 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
6. Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Desktop version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-3389.html
https://www.redhat.com/security/data/cve/CVE-2011-3516.html
https://www.redhat.com/security/data/cve/CVE-2011-3521.html
https://www.redhat.com/security/data/cve/CVE-2011-3544.html
https://www.redhat.com/security/data/cve/CVE-2011-3545.html
https://www.redhat.com/security/data/cve/CVE-2011-3546.html
https://www.redhat.com/security/data/cve/CVE-2011-3547.html
https://www.redhat.com/security/data/cve/CVE-2011-3548.html
https://www.redhat.com/security/data/cve/CVE-2011-3549.html
https://www.redhat.com/security/data/cve/CVE-2011-3550.html
https://www.redhat.com/security/data/cve/CVE-2011-3551.html
https://www.redhat.com/security/data/cve/CVE-2011-3552.html
https://www.redhat.com/security/data/cve/CVE-2011-3553.html
https://www.redhat.com/security/data/cve/CVE-2011-3554.html
https://www.redhat.com/security/data/cve/CVE-2011-3555.html
https://www.redhat.com/security/data/cve/CVE-2011-3556.html
https://www.redhat.com/security/data/cve/CVE-2011-3557.html
https://www.redhat.com/security/data/cve/CVE-2011-3558.html
https://www.redhat.com/security/data/cve/CVE-2011-3560.html
https://www.redhat.com/security/data/cve/CVE-2011-3561.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOnw+BXlSAg2UNWIIRArM2AJwNT0vxdrXLgkZjOCwP8LkDemBYzQCbBrE3
0MJzQCB587rTzSRSo+gGytc=
=809z
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
Release Date: 2012-01-23
Last Updated: 2012-01-23
------------------------------------------------------------------------------
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.12 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2011-3389 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-3516 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3521 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3544 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3545 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3546 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8
CVE-2011-3547 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3548 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3549 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3550 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3551 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2011-3552 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2011-3553 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5
CVE-2011-3554 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3556 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-3557 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2011-3558 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3560 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2011-3561 (AV:A/AC:H/Au:N/C:P/I:N/A:N) 1.8
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrades to resolve these vulnerabilities. This bulletin will be revised as other upgrades for additional supported Java versions become available.
The upgrades are available from the following location
http://www.hp.com/go/java
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.13 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v6.0.12 and earlier, update to Java v6.0.13 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
===========
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
Jdk60.JDK60-COM
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
action: install revision 1.6.0.13.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 23 January 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
VAR-201110-0379 | CVE-2011-3561 | Oracle Java SE of Java Runtime Environment (JRE) Vulnerabilities in components |
CVSS V2: 1.8 CVSS V3: - Severity: LOW |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Deployment' sub-component.
This vulnerability affects the following supported versions:
JDK and JRE 7, 6 Update 27, JavaFX 2.0. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: November 05, 2011
Bugs: #340421, #354213, #370559, #387851
ID: 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jre-bin < 1.6.0.29 >= 1.6.0.29 *
2 app-emulation/emul-linux-x86-java
< 1.6.0.29 >= 1.6.0.29 *
3 dev-java/sun-jdk < 1.6.0.29 >= 1.6.0.29 *
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
3 affected packages
-------------------------------------------------------------------
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation.
Impact
======
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.6.0.29"
All Oracle JRE 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.6.0.29"
All users of the precompiled 32-bit Oracle JRE 1.6 should upgrade to
the latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.6.0.29"
NOTE: As Oracle has revoked the DLJ license for its Java
implementation, the packages can no longer be updated automatically.
This limitation is not present on a non-fetch restricted implementation
such as dev-java/icedtea-bin.
References
==========
[ 1 ] CVE-2010-3541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541
[ 2 ] CVE-2010-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548
[ 3 ] CVE-2010-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549
[ 4 ] CVE-2010-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3550
[ 5 ] CVE-2010-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551
[ 6 ] CVE-2010-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3552
[ 7 ] CVE-2010-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553
[ 8 ] CVE-2010-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554
[ 9 ] CVE-2010-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3555
[ 10 ] CVE-2010-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3556
[ 11 ] CVE-2010-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557
[ 12 ] CVE-2010-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3558
[ 13 ] CVE-2010-3559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3559
[ 14 ] CVE-2010-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3560
[ 15 ] CVE-2010-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561
[ 16 ] CVE-2010-3562
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562
[ 17 ] CVE-2010-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3563
[ 18 ] CVE-2010-3565
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565
[ 19 ] CVE-2010-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566
[ 20 ] CVE-2010-3567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567
[ 21 ] CVE-2010-3568
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568
[ 22 ] CVE-2010-3569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569
[ 23 ] CVE-2010-3570
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3570
[ 24 ] CVE-2010-3571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3571
[ 25 ] CVE-2010-3572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3572
[ 26 ] CVE-2010-3573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573
[ 27 ] CVE-2010-3574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574
[ 28 ] CVE-2010-4422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4422
[ 29 ] CVE-2010-4447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4447
[ 30 ] CVE-2010-4448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448
[ 31 ] CVE-2010-4450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450
[ 32 ] CVE-2010-4451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4451
[ 33 ] CVE-2010-4452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4452
[ 34 ] CVE-2010-4454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4454
[ 35 ] CVE-2010-4462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4462
[ 36 ] CVE-2010-4463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4463
[ 37 ] CVE-2010-4465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465
[ 38 ] CVE-2010-4466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4466
[ 39 ] CVE-2010-4467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467
[ 40 ] CVE-2010-4468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4468
[ 41 ] CVE-2010-4469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469
[ 42 ] CVE-2010-4470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470
[ 43 ] CVE-2010-4471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471
[ 44 ] CVE-2010-4472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472
[ 45 ] CVE-2010-4473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4473
[ 46 ] CVE-2010-4474
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4474
[ 47 ] CVE-2010-4475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4475
[ 48 ] CVE-2010-4476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476
[ 49 ] CVE-2011-0802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802
[ 50 ] CVE-2011-0814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814
[ 51 ] CVE-2011-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815
[ 52 ] CVE-2011-0862
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862
[ 53 ] CVE-2011-0863
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863
[ 54 ] CVE-2011-0864
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864
[ 55 ] CVE-2011-0865
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865
[ 56 ] CVE-2011-0867
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867
[ 57 ] CVE-2011-0868
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868
[ 58 ] CVE-2011-0869
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869
[ 59 ] CVE-2011-0871
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871
[ 60 ] CVE-2011-0872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872
[ 61 ] CVE-2011-0873
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873
[ 62 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 63 ] CVE-2011-3516
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3516
[ 64 ] CVE-2011-3521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521
[ 65 ] CVE-2011-3544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544
[ 66 ] CVE-2011-3545
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3545
[ 67 ] CVE-2011-3546
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3546
[ 68 ] CVE-2011-3547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547
[ 69 ] CVE-2011-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548
[ 70 ] CVE-2011-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3549
[ 71 ] CVE-2011-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3550
[ 72 ] CVE-2011-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551
[ 73 ] CVE-2011-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552
[ 74 ] CVE-2011-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553
[ 75 ] CVE-2011-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554
[ 76 ] CVE-2011-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3555
[ 77 ] CVE-2011-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556
[ 78 ] CVE-2011-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557
[ 79 ] CVE-2011-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558
[ 80 ] CVE-2011-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560
[ 81 ] CVE-2011-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3561
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-sun security update
Advisory ID: RHSA-2011:1384-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1384.html
Issue date: 2011-10-19
CVE Names: CVE-2011-3389 CVE-2011-3516 CVE-2011-3521
CVE-2011-3544 CVE-2011-3545 CVE-2011-3546
CVE-2011-3547 CVE-2011-3548 CVE-2011-3549
CVE-2011-3550 CVE-2011-3551 CVE-2011-3552
CVE-2011-3553 CVE-2011-3554 CVE-2011-3555
CVE-2011-3556 CVE-2011-3557 CVE-2011-3558
CVE-2011-3560 CVE-2011-3561
=====================================================================
1. Summary:
Updated java-1.6.0-sun packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch page, listed in the References section.
All running instances of Sun Java must be restarted for the update to take
effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640)
745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)
745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)
745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)
745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466)
745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)
745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)
745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)
745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134)
747191 - CVE-2011-3545 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Sound)
747198 - CVE-2011-3549 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Swing)
747200 - CVE-2011-3550 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (AWT)
747203 - CVE-2011-3516 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747205 - CVE-2011-3546 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747206 - CVE-2011-3555 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (JRE)
747208 - CVE-2011-3561 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
6. Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Desktop version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-3389.html
https://www.redhat.com/security/data/cve/CVE-2011-3516.html
https://www.redhat.com/security/data/cve/CVE-2011-3521.html
https://www.redhat.com/security/data/cve/CVE-2011-3544.html
https://www.redhat.com/security/data/cve/CVE-2011-3545.html
https://www.redhat.com/security/data/cve/CVE-2011-3546.html
https://www.redhat.com/security/data/cve/CVE-2011-3547.html
https://www.redhat.com/security/data/cve/CVE-2011-3548.html
https://www.redhat.com/security/data/cve/CVE-2011-3549.html
https://www.redhat.com/security/data/cve/CVE-2011-3550.html
https://www.redhat.com/security/data/cve/CVE-2011-3551.html
https://www.redhat.com/security/data/cve/CVE-2011-3552.html
https://www.redhat.com/security/data/cve/CVE-2011-3553.html
https://www.redhat.com/security/data/cve/CVE-2011-3554.html
https://www.redhat.com/security/data/cve/CVE-2011-3555.html
https://www.redhat.com/security/data/cve/CVE-2011-3556.html
https://www.redhat.com/security/data/cve/CVE-2011-3557.html
https://www.redhat.com/security/data/cve/CVE-2011-3558.html
https://www.redhat.com/security/data/cve/CVE-2011-3560.html
https://www.redhat.com/security/data/cve/CVE-2011-3561.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOnw+BXlSAg2UNWIIRArM2AJwNT0vxdrXLgkZjOCwP8LkDemBYzQCbBrE3
0MJzQCB587rTzSRSo+gGytc=
=809z
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac
OS X 10.6 Update 6
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
are now available and address the following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
Mac OS X v10.7.2, Mac OS X Server v10.7.2
Impact: Multiple vulnerabilities in Java 1.6.0_26
Description: Multiple vulnerabilities exist in Java 1.6.0_26, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_29.
Further information is available via the Java website at
http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
CVE-ID
CVE-2011-3389
CVE-2011-3521
CVE-2011-3544
CVE-2011-3545
CVE-2011-3546
CVE-2011-3547
CVE-2011-3548
CVE-2011-3549
CVE-2011-3551
CVE-2011-3552
CVE-2011-3553
CVE-2011-3554
CVE-2011-3556
CVE-2011-3557
CVE-2011-3558
CVE-2011-3560
CVE-2011-3561
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
may be obtained from the Software Update pane in System Preferences,
or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: be0ac75b8bac967f1d39a94ebf9482a61fb7d70b
For Mac OS X v10.7 systems
The download file is named: JavaForMacOSX10.7.dmg
Its SHA-1 digest is: 7768e6aeb5adaa638c74d4c04150517ed99fed20
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJOuZNKAAoJEGnF2JsdZQeece8H/1I98YQ1LF4iDD442zB+WjZP
2Vxd3euXYwySD6qDCYNLJ0hUKu90c/4nr5d5rRH3xYdBzAHuZG39m069lpN1UZIW
t5ube+j9zjiejnXlPbAgq+vIAg22nu0EdxhOOZZeQOoEYqyoKhXNCt3fR+tzo3o4
mN/LWMO1NwrM0sGDPuUGs2TWdPZbC4QJJz4Z4S+FsTlujYh9MRd3dyxLBIg7BKCL
wgnFdpFW8bPmVdiTj91pC0Gb3XtolQxexXGHsdI15KeFMbQ06nKV/AyvxMF8O5jS
D089GEHE52NAQCZ0YJ6TJsisrGqTZZ77js55cPU259FogxEKKBuwfdFbn4qVeD8=
=4KBF
-----END PGP SIGNATURE-----
.
Release Date: 2012-01-23
Last Updated: 2012-01-23
------------------------------------------------------------------------------
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.12 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2011-3389 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-3516 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3521 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3544 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3545 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3546 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8
CVE-2011-3547 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3548 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3549 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3550 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3551 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2011-3552 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2011-3553 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5
CVE-2011-3554 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3556 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-3557 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2011-3558 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3560 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2011-3561 (AV:A/AC:H/Au:N/C:P/I:N/A:N) 1.8
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrades to resolve these vulnerabilities. This bulletin will be revised as other upgrades for additional supported Java versions become available.
The upgrades are available from the following location
http://www.hp.com/go/java
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.13 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v6.0.12 and earlier, update to Java v6.0.13 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
===========
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
Jdk60.JDK60-COM
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
action: install revision 1.6.0.13.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 23 January 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
VAR-201110-0395 | CVE-2011-3548 | Oracle ‘ Java Runtime Environment ’ Component security vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment.
The vulnerability can be exploited over multiple protocols. This issue affects the 'AWT' sub-component.
This vulnerability affects the following supported versions:
JDK and JRE 7, 6 Update 27, 5.0 Update 31, 1.4.2_33. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Hitachi Cosminexus Products Java Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46694
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46694/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
RELEASE DATE:
2011-11-08
DISCUSS ADVISORY:
http://secunia.com/advisories/46694/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46694/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Hitachi has acknowledged multiple vulnerabilities in Hitachi
Cosminexus products, which can be exploited by malicious users to
disclose certain information and by malicious people to disclose
potentially sensitive information, hijack a user's session, conduct
DNS cache poisoning attacks, manipulate certain data, cause a DoS
(Denial of Service), and compromise a vulnerable system.
The vulnerabilities are caused due to vulnerabilities in the bundled
version of Cosminexus Developer's Kit for Java.
For more information:
SA46512
Please see the vendor's advisory for a list of affected products. Please see the vendor's advisory for
details.
ORIGINAL ADVISORY:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-024/index.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets.
CVE-2011-3521
The CORBA implementation contains a deserialization
vulnerability in the IIOP implementation, allowing untrusted
Java code (such as applets) to elevate its privileges.
CVE-2011-3547
The skip() method in java.io.InputStream uses a shared buffer,
allowing untrusted Java code (such as applets) to access data
that is skipped by other code.
CVE-2011-3551
The Java2D C code contains an integer overflow which results
in a heap-based buffer overflow, potentially allowing
untrusted Java code (such as applets) to elevate its
privileges.
CVE-2011-3552
Malicous Java code can use up an excessive amount of UDP
ports, leading to a denial of service.
CVE-2011-3553
JAX-WS enables stack traces for certain server responses by
default, potentially leaking sensitive information.
CVE-2011-3554
JAR files in pack200 format are not properly checked for
errors, potentially leading to arbitrary code execution when
unpacking crafted pack200 files.
CVE-2011-3556
The RMI Registry server lacks access restrictions on certain
methods, allowing a remote client to execute arbitary code.
CVE-2011-3557
The RMI Registry server fails to properly restrict privileges
of untrusted Java code, allowing RMI clients to elevate their
privileges on the RMI Registry server.
CVE-2011-3560
The com.sun.net.ssl.HttpsURLConnection class does not perform
proper security manager checks in the setSSLSocketFactory()
method, allowing untrusted Java code to bypass security policy
restrictions.
For the stable distribution (squeeze), this problem has been fixed in
version 6b18-1.8.10-0+squeeze1.
For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 6b23~pre11-1.
IcedTea6 prior to 1.10.4 allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors
related to 2D (CVE-2011-3551).
IcedTea6 prior to 1.10.4 allows remote attackers to affect integrity
via unknown vectors related to Networking (CVE-2011-3552).
IcedTea6 prior to 1.10.4 allows remote authenticated users to affect
confidentiality, related to JAXWS (CVE-2011-3553).
A flaw was found in the way the SSL 3 and TLS 1.0 protocols used
block ciphers in cipher-block chaining (CBC) mode. An attacker able
to perform a chosen plain text attack against a connection mixing
trusted and untrusted data could use this flaw to recover portions
of the trusted data sent over the connection (CVE-2011-3389).
Note: This update mitigates the CVE-2011-3389 issue by splitting
the first application data record byte to a separate SSL/TLS
protocol record. This mitigation may cause compatibility issues
with some SSL/TLS implementations and can be disabled using the
jsse.enableCBCProtection boolean property. This can be done on the
command line by appending the flag -Djsse.enableCBCProtection=false
to the java command.
IcedTea6 prior to 1.10.4 allows remote attackers to affect
confidentiality, integrity, and availability, related to RMI
(CVE-2011-3556).
IcedTea6 prior to 1.10.4 allows remote attackers to affect
confidentiality, integrity, and availability, related to RMI
(CVE-2011-3557).
Deepak Bhole discovered a flaw in the Same Origin Policy (SOP)
implementation in the IcedTea project Web browser plugin. A
malicious applet could use this flaw to bypass SOP protection and
open connections to any sub-domain of the second-level domain of
the applet's origin, as well as any sub-domain of the domain that
is the suffix of the origin second-level domain. For example,
IcedTea-Web plugin allowed applet from some.host.example.com to
connect to other.host.example.com, www.example.com, and example.com,
as well as www.ample.com or ample.com. (CVE-2011-3377). The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOvSWxmqjQ0CJFipgRAnk1AKDUddZYCqwkfhoUpLxEL0BT3mDf0ACfbuTI
aaF2JGTyfceBABs92un/yVA=
=yPsD
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-sun security update
Advisory ID: RHSA-2011:1384-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1384.html
Issue date: 2011-10-19
CVE Names: CVE-2011-3389 CVE-2011-3516 CVE-2011-3521
CVE-2011-3544 CVE-2011-3545 CVE-2011-3546
CVE-2011-3547 CVE-2011-3548 CVE-2011-3549
CVE-2011-3550 CVE-2011-3551 CVE-2011-3552
CVE-2011-3553 CVE-2011-3554 CVE-2011-3555
CVE-2011-3556 CVE-2011-3557 CVE-2011-3558
CVE-2011-3560 CVE-2011-3561
=====================================================================
1. Summary:
Updated java-1.6.0-sun packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch page, listed in the References section.
All running instances of Sun Java must be restarted for the update to take
effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640)
745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)
745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)
745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)
745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466)
745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)
745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)
745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)
745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134)
747191 - CVE-2011-3545 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Sound)
747198 - CVE-2011-3549 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Swing)
747200 - CVE-2011-3550 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (AWT)
747203 - CVE-2011-3516 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747205 - CVE-2011-3546 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747206 - CVE-2011-3555 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (JRE)
747208 - CVE-2011-3561 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
6. Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Desktop version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-3389.html
https://www.redhat.com/security/data/cve/CVE-2011-3516.html
https://www.redhat.com/security/data/cve/CVE-2011-3521.html
https://www.redhat.com/security/data/cve/CVE-2011-3544.html
https://www.redhat.com/security/data/cve/CVE-2011-3545.html
https://www.redhat.com/security/data/cve/CVE-2011-3546.html
https://www.redhat.com/security/data/cve/CVE-2011-3547.html
https://www.redhat.com/security/data/cve/CVE-2011-3548.html
https://www.redhat.com/security/data/cve/CVE-2011-3549.html
https://www.redhat.com/security/data/cve/CVE-2011-3550.html
https://www.redhat.com/security/data/cve/CVE-2011-3551.html
https://www.redhat.com/security/data/cve/CVE-2011-3552.html
https://www.redhat.com/security/data/cve/CVE-2011-3553.html
https://www.redhat.com/security/data/cve/CVE-2011-3554.html
https://www.redhat.com/security/data/cve/CVE-2011-3555.html
https://www.redhat.com/security/data/cve/CVE-2011-3556.html
https://www.redhat.com/security/data/cve/CVE-2011-3557.html
https://www.redhat.com/security/data/cve/CVE-2011-3558.html
https://www.redhat.com/security/data/cve/CVE-2011-3560.html
https://www.redhat.com/security/data/cve/CVE-2011-3561.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOnw+BXlSAg2UNWIIRArM2AJwNT0vxdrXLgkZjOCwP8LkDemBYzQCbBrE3
0MJzQCB587rTzSRSo+gGytc=
=809z
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac
OS X 10.6 Update 6
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
are now available and address the following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
Mac OS X v10.7.2, Mac OS X Server v10.7.2
Impact: Multiple vulnerabilities in Java 1.6.0_26
Description: Multiple vulnerabilities exist in Java 1.6.0_26, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_29.
Further information is available via the Java website at
http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
CVE-ID
CVE-2011-3389
CVE-2011-3521
CVE-2011-3544
CVE-2011-3545
CVE-2011-3546
CVE-2011-3547
CVE-2011-3548
CVE-2011-3549
CVE-2011-3551
CVE-2011-3552
CVE-2011-3553
CVE-2011-3554
CVE-2011-3556
CVE-2011-3557
CVE-2011-3558
CVE-2011-3560
CVE-2011-3561
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
may be obtained from the Software Update pane in System Preferences,
or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: be0ac75b8bac967f1d39a94ebf9482a61fb7d70b
For Mac OS X v10.7 systems
The download file is named: JavaForMacOSX10.7.dmg
Its SHA-1 digest is: 7768e6aeb5adaa638c74d4c04150517ed99fed20
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJOuZNKAAoJEGnF2JsdZQeece8H/1I98YQ1LF4iDD442zB+WjZP
2Vxd3euXYwySD6qDCYNLJ0hUKu90c/4nr5d5rRH3xYdBzAHuZG39m069lpN1UZIW
t5ube+j9zjiejnXlPbAgq+vIAg22nu0EdxhOOZZeQOoEYqyoKhXNCt3fR+tzo3o4
mN/LWMO1NwrM0sGDPuUGs2TWdPZbC4QJJz4Z4S+FsTlujYh9MRd3dyxLBIg7BKCL
wgnFdpFW8bPmVdiTj91pC0Gb3XtolQxexXGHsdI15KeFMbQ06nKV/AyvxMF8O5jS
D089GEHE52NAQCZ0YJ6TJsisrGqTZZ77js55cPU259FogxEKKBuwfdFbn4qVeD8=
=4KBF
-----END PGP SIGNATURE-----
.
Release Date: 2012-01-23
Last Updated: 2012-01-23
------------------------------------------------------------------------------
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.12 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2011-3389 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-3516 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3521 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3544 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3545 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3546 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8
CVE-2011-3547 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3548 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3549 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3550 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3551 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2011-3552 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2011-3553 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5
CVE-2011-3554 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3556 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-3557 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2011-3558 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3560 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2011-3561 (AV:A/AC:H/Au:N/C:P/I:N/A:N) 1.8
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrades to resolve these vulnerabilities. This bulletin will be revised as other upgrades for additional supported Java versions become available.
The upgrades are available from the following location
http://www.hp.com/go/java
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.13 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v6.0.12 and earlier, update to Java v6.0.13 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
===========
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
Jdk60.JDK60-COM
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
action: install revision 1.6.0.13.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 23 January 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
VAR-201110-0385 | CVE-2011-3554 | Oracle Java SE of Java Runtime Environment (JRE) Component vulnerabilities |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Java Runtime Environment' sub-component.
This vulnerability affects the following supported versions:
JDK and JRE 7, 6 Update 27, 5.0 Update 31. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Hitachi Cosminexus Products Java Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46694
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46694/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
RELEASE DATE:
2011-11-08
DISCUSS ADVISORY:
http://secunia.com/advisories/46694/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46694/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Hitachi has acknowledged multiple vulnerabilities in Hitachi
Cosminexus products, which can be exploited by malicious users to
disclose certain information and by malicious people to disclose
potentially sensitive information, hijack a user's session, conduct
DNS cache poisoning attacks, manipulate certain data, cause a DoS
(Denial of Service), and compromise a vulnerable system.
The vulnerabilities are caused due to vulnerabilities in the bundled
version of Cosminexus Developer's Kit for Java.
For more information:
SA46512
Please see the vendor's advisory for a list of affected products. Please see the vendor's advisory for
details.
ORIGINAL ADVISORY:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-024/index.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-ibm security update
Advisory ID: RHSA-2012:0034-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0034.html
Issue date: 2012-01-18
CVE Names: CVE-2011-3389 CVE-2011-3516 CVE-2011-3521
CVE-2011-3544 CVE-2011-3545 CVE-2011-3546
CVE-2011-3547 CVE-2011-3548 CVE-2011-3549
CVE-2011-3550 CVE-2011-3551 CVE-2011-3552
CVE-2011-3553 CVE-2011-3554 CVE-2011-3556
CVE-2011-3557 CVE-2011-3560 CVE-2011-3561
=====================================================================
1. Summary:
Updated java-1.6.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Detailed
vulnerability descriptions are linked from the IBM "Security alerts" page,
listed in the References section. (CVE-2011-3389, CVE-2011-3516,
CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547,
CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552,
CVE-2011-3553, CVE-2011-3554, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560,
CVE-2011-3561)
All users of java-1.6.0-ibm are advised to upgrade to these updated
packages, containing the IBM Java 6 SR10 release. All running instances
of IBM Java must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640)
745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)
745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)
745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)
745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466)
745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)
745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)
745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)
747191 - CVE-2011-3545 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Sound)
747198 - CVE-2011-3549 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Swing)
747200 - CVE-2011-3550 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (AWT)
747203 - CVE-2011-3516 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747205 - CVE-2011-3546 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747208 - CVE-2011-3561 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
6. Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.i386.rpm
ppc:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.ppc.rpm
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.ppc64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.ppc.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.ppc64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.ppc.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.ppc64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el4.ppc.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el4.ppc64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.ppc.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.ppc64.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el4.ppc.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.ppc.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.ppc64.rpm
s390:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.s390.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.s390.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.s390.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.s390.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.s390.rpm
s390x:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.s390x.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.s390x.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.s390x.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.s390x.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.s390x.rpm
x86_64:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
Red Hat Desktop version 4 Extras:
i386:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.i386.rpm
x86_64:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.i386.rpm
x86_64:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el4.i386.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.i386.rpm
x86_64:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-accessibility-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el5.i386.rpm
x86_64:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-accessibility-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-accessibility-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el5.i386.rpm
ppc:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el5.ppc.rpm
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el5.ppc64.rpm
java-1.6.0-ibm-accessibility-1.6.0.10.0-1jpp.2.el5.ppc.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el5.ppc.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el5.ppc64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el5.ppc.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el5.ppc64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el5.ppc.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el5.ppc64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el5.ppc.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el5.ppc64.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el5.ppc.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el5.ppc.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el5.ppc64.rpm
s390x:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el5.s390.rpm
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el5.s390x.rpm
java-1.6.0-ibm-accessibility-1.6.0.10.0-1jpp.2.el5.s390x.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el5.s390.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el5.s390x.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el5.s390.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el5.s390x.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el5.s390.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el5.s390x.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el5.s390.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el5.s390x.rpm
x86_64:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-accessibility-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el5.i386.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el6.i686.rpm
x86_64:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el6.i686.rpm
ppc64:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el6.ppc64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el6.ppc64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.ppc.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.ppc64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el6.ppc64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el6.ppc64.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el6.ppc64.rpm
s390x:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el6.s390x.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el6.s390x.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.s390.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.s390x.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el6.s390x.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el6.s390x.rpm
x86_64:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el6.i686.rpm
x86_64:
java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-demo-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.i686.rpm
java-1.6.0-ibm-devel-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-javacomm-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-jdbc-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-plugin-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
java-1.6.0-ibm-src-1.6.0.10.0-1jpp.2.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-3389.html
https://www.redhat.com/security/data/cve/CVE-2011-3516.html
https://www.redhat.com/security/data/cve/CVE-2011-3521.html
https://www.redhat.com/security/data/cve/CVE-2011-3544.html
https://www.redhat.com/security/data/cve/CVE-2011-3545.html
https://www.redhat.com/security/data/cve/CVE-2011-3546.html
https://www.redhat.com/security/data/cve/CVE-2011-3547.html
https://www.redhat.com/security/data/cve/CVE-2011-3548.html
https://www.redhat.com/security/data/cve/CVE-2011-3549.html
https://www.redhat.com/security/data/cve/CVE-2011-3550.html
https://www.redhat.com/security/data/cve/CVE-2011-3551.html
https://www.redhat.com/security/data/cve/CVE-2011-3552.html
https://www.redhat.com/security/data/cve/CVE-2011-3553.html
https://www.redhat.com/security/data/cve/CVE-2011-3554.html
https://www.redhat.com/security/data/cve/CVE-2011-3556.html
https://www.redhat.com/security/data/cve/CVE-2011-3557.html
https://www.redhat.com/security/data/cve/CVE-2011-3560.html
https://www.redhat.com/security/data/cve/CVE-2011-3561.html
https://access.redhat.com/security/updates/classification/#critical
http://www.ibm.com/developerworks/java/jdk/alerts/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFPFx2vXlSAg2UNWIIRAhTiAKC/De/npwAlSJPQ/Grh51Bmxq3M5ACgvw8T
hoc/VGW50B8EPSdZ48jR034=
=nw0v
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. This combines the two previous
openjdk-6 advisories, DSA-2311-1 and DSA-2356-1.
CVE-2011-0862
Integer overflow errors in the JPEG and font parser allow
untrusted code (including applets) to elevate its privileges.
CVE-2011-0864
Hotspot, the just-in-time compiler in OpenJDK, mishandled
certain byte code instructions, allowing untrusted code
(including applets) to crash the virtual machine.
CVE-2011-0865
A race condition in signed object deserialization could
allow untrusted code to modify signed content, apparently
leaving its signature intact.
CVE-2011-0867
Untrusted code (including applets) could access information
about network interfaces which was not intended to be public.
(Note that the interface MAC address is still available to
untrusted code.)
CVE-2011-0868
A float-to-long conversion could overflow, , allowing
untrusted code (including applets) to crash the virtual
machine.
CVE-2011-0869
Untrusted code (including applets) could intercept HTTP
requests by reconfiguring proxy settings through a SOAP
connection.
CVE-2011-0871
Untrusted code (including applets) could elevate its
privileges through the Swing MediaTracker code.
CVE-2011-3521
The CORBA implementation contains a deserialization
vulnerability in the IIOP implementation, allowing untrusted
Java code (such as applets) to elevate its privileges.
CVE-2011-3547
The skip() method in java.io.InputStream uses a shared buffer,
allowing untrusted Java code (such as applets) to access data
that is skipped by other code.
CVE-2011-3551
The Java2D C code contains an integer overflow which results
in a heap-based buffer overflow, potentially allowing
untrusted Java code (such as applets) to elevate its
privileges.
CVE-2011-3552
Malicous Java code can use up an excessive amount of UDP
ports, leading to a denial of service.
CVE-2011-3553
JAX-WS enables stack traces for certain server responses by
default, potentially leaking sensitive information.
CVE-2011-3554
JAR files in pack200 format are not properly checked for
errors, potentially leading to arbitrary code execution when
unpacking crafted pack200 files.
CVE-2011-3556
The RMI Registry server lacks access restrictions on certain
methods, allowing a remote client to execute arbitary code.
CVE-2011-3557
The RMI Registry server fails to properly restrict privileges
of untrusted Java code, allowing RMI clients to elevate their
privileges on the RMI Registry server.
CVE-2011-3560
The com.sun.net.ssl.HttpsURLConnection class does not perform
proper security manager checks in the setSSLSocketFactory()
method, allowing untrusted Java code to bypass security policy
restrictions.
For the oldstable distribution (lenny), these problems have been fixed
in version 6b18-1.8.10-0~lenny1.
IcedTea6 prior to 1.10.4 allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors
related to 2D (CVE-2011-3551).
IcedTea6 prior to 1.10.4 allows remote attackers to affect integrity
via unknown vectors related to Networking (CVE-2011-3552).
IcedTea6 prior to 1.10.4 allows remote authenticated users to affect
confidentiality, related to JAXWS (CVE-2011-3553).
A flaw was found in the way the SSL 3 and TLS 1.0 protocols used
block ciphers in cipher-block chaining (CBC) mode. An attacker able
to perform a chosen plain text attack against a connection mixing
trusted and untrusted data could use this flaw to recover portions
of the trusted data sent over the connection (CVE-2011-3389).
Note: This update mitigates the CVE-2011-3389 issue by splitting
the first application data record byte to a separate SSL/TLS
protocol record. This mitigation may cause compatibility issues
with some SSL/TLS implementations and can be disabled using the
jsse.enableCBCProtection boolean property. This can be done on the
command line by appending the flag -Djsse.enableCBCProtection=false
to the java command.
IcedTea6 prior to 1.10.4 allows remote attackers to affect
confidentiality, integrity, and availability, related to RMI
(CVE-2011-3556).
IcedTea6 prior to 1.10.4 allows remote attackers to affect
confidentiality, integrity, and availability, related to RMI
(CVE-2011-3557).
Deepak Bhole discovered a flaw in the Same Origin Policy (SOP)
implementation in the IcedTea project Web browser plugin. A
malicious applet could use this flaw to bypass SOP protection and
open connections to any sub-domain of the second-level domain of
the applet's origin, as well as any sub-domain of the domain that
is the suffix of the origin second-level domain. For example,
IcedTea-Web plugin allowed applet from some.host.example.com to
connect to other.host.example.com, www.example.com, and example.com,
as well as www.ample.com or ample.com. (CVE-2011-3377). The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOvSWxmqjQ0CJFipgRAnk1AKDUddZYCqwkfhoUpLxEL0BT3mDf0ACfbuTI
aaF2JGTyfceBABs92un/yVA=
=yPsD
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac
OS X 10.6 Update 6
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
are now available and address the following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
Mac OS X v10.7.2, Mac OS X Server v10.7.2
Impact: Multiple vulnerabilities in Java 1.6.0_26
Description: Multiple vulnerabilities exist in Java 1.6.0_26, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_29.
Further information is available via the Java website at
http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
CVE-ID
CVE-2011-3389
CVE-2011-3521
CVE-2011-3544
CVE-2011-3545
CVE-2011-3546
CVE-2011-3547
CVE-2011-3548
CVE-2011-3549
CVE-2011-3551
CVE-2011-3552
CVE-2011-3553
CVE-2011-3554
CVE-2011-3556
CVE-2011-3557
CVE-2011-3558
CVE-2011-3560
CVE-2011-3561
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
may be obtained from the Software Update pane in System Preferences,
or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: be0ac75b8bac967f1d39a94ebf9482a61fb7d70b
For Mac OS X v10.7 systems
The download file is named: JavaForMacOSX10.7.dmg
Its SHA-1 digest is: 7768e6aeb5adaa638c74d4c04150517ed99fed20
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJOuZNKAAoJEGnF2JsdZQeece8H/1I98YQ1LF4iDD442zB+WjZP
2Vxd3euXYwySD6qDCYNLJ0hUKu90c/4nr5d5rRH3xYdBzAHuZG39m069lpN1UZIW
t5ube+j9zjiejnXlPbAgq+vIAg22nu0EdxhOOZZeQOoEYqyoKhXNCt3fR+tzo3o4
mN/LWMO1NwrM0sGDPuUGs2TWdPZbC4QJJz4Z4S+FsTlujYh9MRd3dyxLBIg7BKCL
wgnFdpFW8bPmVdiTj91pC0Gb3XtolQxexXGHsdI15KeFMbQ06nKV/AyvxMF8O5jS
D089GEHE52NAQCZ0YJ6TJsisrGqTZZ77js55cPU259FogxEKKBuwfdFbn4qVeD8=
=4KBF
-----END PGP SIGNATURE-----
VAR-201110-0347 | CVE-2011-3516 | Windows Run on Oracle Java SE of Java Runtime Environment (JRE) Component vulnerabilities |
CVSS V2: 7.6 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Deployment' sub-component.
This vulnerability affects the following supported versions:
6 Update 27. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: November 05, 2011
Bugs: #340421, #354213, #370559, #387851
ID: 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jre-bin < 1.6.0.29 >= 1.6.0.29 *
2 app-emulation/emul-linux-x86-java
< 1.6.0.29 >= 1.6.0.29 *
3 dev-java/sun-jdk < 1.6.0.29 >= 1.6.0.29 *
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
3 affected packages
-------------------------------------------------------------------
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation.
Impact
======
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.6.0.29"
All Oracle JRE 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.6.0.29"
All users of the precompiled 32-bit Oracle JRE 1.6 should upgrade to
the latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.6.0.29"
NOTE: As Oracle has revoked the DLJ license for its Java
implementation, the packages can no longer be updated automatically.
This limitation is not present on a non-fetch restricted implementation
such as dev-java/icedtea-bin.
References
==========
[ 1 ] CVE-2010-3541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541
[ 2 ] CVE-2010-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548
[ 3 ] CVE-2010-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549
[ 4 ] CVE-2010-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3550
[ 5 ] CVE-2010-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551
[ 6 ] CVE-2010-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3552
[ 7 ] CVE-2010-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553
[ 8 ] CVE-2010-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554
[ 9 ] CVE-2010-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3555
[ 10 ] CVE-2010-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3556
[ 11 ] CVE-2010-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557
[ 12 ] CVE-2010-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3558
[ 13 ] CVE-2010-3559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3559
[ 14 ] CVE-2010-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3560
[ 15 ] CVE-2010-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561
[ 16 ] CVE-2010-3562
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562
[ 17 ] CVE-2010-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3563
[ 18 ] CVE-2010-3565
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565
[ 19 ] CVE-2010-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566
[ 20 ] CVE-2010-3567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567
[ 21 ] CVE-2010-3568
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568
[ 22 ] CVE-2010-3569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569
[ 23 ] CVE-2010-3570
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3570
[ 24 ] CVE-2010-3571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3571
[ 25 ] CVE-2010-3572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3572
[ 26 ] CVE-2010-3573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573
[ 27 ] CVE-2010-3574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574
[ 28 ] CVE-2010-4422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4422
[ 29 ] CVE-2010-4447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4447
[ 30 ] CVE-2010-4448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448
[ 31 ] CVE-2010-4450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450
[ 32 ] CVE-2010-4451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4451
[ 33 ] CVE-2010-4452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4452
[ 34 ] CVE-2010-4454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4454
[ 35 ] CVE-2010-4462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4462
[ 36 ] CVE-2010-4463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4463
[ 37 ] CVE-2010-4465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465
[ 38 ] CVE-2010-4466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4466
[ 39 ] CVE-2010-4467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467
[ 40 ] CVE-2010-4468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4468
[ 41 ] CVE-2010-4469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469
[ 42 ] CVE-2010-4470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470
[ 43 ] CVE-2010-4471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471
[ 44 ] CVE-2010-4472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472
[ 45 ] CVE-2010-4473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4473
[ 46 ] CVE-2010-4474
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4474
[ 47 ] CVE-2010-4475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4475
[ 48 ] CVE-2010-4476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476
[ 49 ] CVE-2011-0802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802
[ 50 ] CVE-2011-0814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814
[ 51 ] CVE-2011-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815
[ 52 ] CVE-2011-0862
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862
[ 53 ] CVE-2011-0863
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863
[ 54 ] CVE-2011-0864
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864
[ 55 ] CVE-2011-0865
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865
[ 56 ] CVE-2011-0867
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867
[ 57 ] CVE-2011-0868
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868
[ 58 ] CVE-2011-0869
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869
[ 59 ] CVE-2011-0871
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871
[ 60 ] CVE-2011-0872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872
[ 61 ] CVE-2011-0873
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873
[ 62 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 63 ] CVE-2011-3516
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3516
[ 64 ] CVE-2011-3521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521
[ 65 ] CVE-2011-3544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544
[ 66 ] CVE-2011-3545
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3545
[ 67 ] CVE-2011-3546
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3546
[ 68 ] CVE-2011-3547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547
[ 69 ] CVE-2011-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548
[ 70 ] CVE-2011-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3549
[ 71 ] CVE-2011-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3550
[ 72 ] CVE-2011-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551
[ 73 ] CVE-2011-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552
[ 74 ] CVE-2011-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553
[ 75 ] CVE-2011-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554
[ 76 ] CVE-2011-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3555
[ 77 ] CVE-2011-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556
[ 78 ] CVE-2011-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557
[ 79 ] CVE-2011-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558
[ 80 ] CVE-2011-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560
[ 81 ] CVE-2011-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3561
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface.
Download it here!
http://secunia.com/psi_30_beta_launch
----------------------------------------------------------------------
TITLE:
Xerox FreeFlow Print Server Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA48308
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/48308/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=48308
RELEASE DATE:
2012-03-14
DISCUSS ADVISORY:
http://secunia.com/advisories/48308/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/48308/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48308
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Xerox has acknowledged multiple vulnerabilities in Xerox FreeFlow
Print Server, which can be exploited by malicious, local users to
gain escalated privileges, bypass certain security restrictions, and
cause a DoS (Denial of Service), by malicious users to disclose
certain information, and by malicious people to conduct cross-site
scripting attacks, hijack a user's session, disclose potentially
sensitive information, bypass certain security restrictions, conduct
DNS cache poisoning attacks, manipulate certain data, cause a DoS
(Denial of Service), and compromise a user's system.
SOLUTION:
Apply updates. Please see the vendor's advisory for more details.
ORIGINAL ADVISORY:
http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_XRX12-002_v1.1.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-sun security update
Advisory ID: RHSA-2011:1384-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1384.html
Issue date: 2011-10-19
CVE Names: CVE-2011-3389 CVE-2011-3516 CVE-2011-3521
CVE-2011-3544 CVE-2011-3545 CVE-2011-3546
CVE-2011-3547 CVE-2011-3548 CVE-2011-3549
CVE-2011-3550 CVE-2011-3551 CVE-2011-3552
CVE-2011-3553 CVE-2011-3554 CVE-2011-3555
CVE-2011-3556 CVE-2011-3557 CVE-2011-3558
CVE-2011-3560 CVE-2011-3561
=====================================================================
1. Summary:
Updated java-1.6.0-sun packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch page, listed in the References section. (CVE-2011-3389,
CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546,
CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551,
CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3555, CVE-2011-3556,
CVE-2011-3557, CVE-2011-3558, CVE-2011-3560, CVE-2011-3561)
All users of java-1.6.0-sun are advised to upgrade to these updated
packages, which provide JDK and JRE 6 Update 29 and resolve these issues.
All running instances of Sun Java must be restarted for the update to take
effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640)
745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)
745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)
745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)
745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466)
745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)
745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)
745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)
745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134)
747191 - CVE-2011-3545 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Sound)
747198 - CVE-2011-3549 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Swing)
747200 - CVE-2011-3550 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (AWT)
747203 - CVE-2011-3516 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747205 - CVE-2011-3546 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747206 - CVE-2011-3555 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (JRE)
747208 - CVE-2011-3561 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
6. Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Desktop version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-3389.html
https://www.redhat.com/security/data/cve/CVE-2011-3516.html
https://www.redhat.com/security/data/cve/CVE-2011-3521.html
https://www.redhat.com/security/data/cve/CVE-2011-3544.html
https://www.redhat.com/security/data/cve/CVE-2011-3545.html
https://www.redhat.com/security/data/cve/CVE-2011-3546.html
https://www.redhat.com/security/data/cve/CVE-2011-3547.html
https://www.redhat.com/security/data/cve/CVE-2011-3548.html
https://www.redhat.com/security/data/cve/CVE-2011-3549.html
https://www.redhat.com/security/data/cve/CVE-2011-3550.html
https://www.redhat.com/security/data/cve/CVE-2011-3551.html
https://www.redhat.com/security/data/cve/CVE-2011-3552.html
https://www.redhat.com/security/data/cve/CVE-2011-3553.html
https://www.redhat.com/security/data/cve/CVE-2011-3554.html
https://www.redhat.com/security/data/cve/CVE-2011-3555.html
https://www.redhat.com/security/data/cve/CVE-2011-3556.html
https://www.redhat.com/security/data/cve/CVE-2011-3557.html
https://www.redhat.com/security/data/cve/CVE-2011-3558.html
https://www.redhat.com/security/data/cve/CVE-2011-3560.html
https://www.redhat.com/security/data/cve/CVE-2011-3561.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOnw+BXlSAg2UNWIIRArM2AJwNT0vxdrXLgkZjOCwP8LkDemBYzQCbBrE3
0MJzQCB587rTzSRSo+gGytc=
=809z
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.12 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2011-3389 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-3516 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3521 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3544 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3545 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3546 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8
CVE-2011-3547 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3548 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3549 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3550 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3551 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2011-3552 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2011-3553 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5
CVE-2011-3554 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3556 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-3557 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2011-3558 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3560 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2011-3561 (AV:A/AC:H/Au:N/C:P/I:N/A:N) 1.8
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrades to resolve these vulnerabilities. This bulletin will be revised as other upgrades for additional supported Java versions become available.
The upgrades are available from the following location
http://www.hp.com/go/java
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.13 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v6.0.12 and earlier, update to Java v6.0.13 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
===========
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
Jdk60.JDK60-COM
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
action: install revision 1.6.0.13.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 23 January 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
VAR-201110-0389 | CVE-2011-3558 | Oracle Java SE of Java Runtime Environment (JRE) Component vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to HotSpot.
The vulnerability can be exploited over multiple protocols. This issue affects the 'HotSpot' sub-component.
This vulnerability affects the following supported versions:
JDK and JRE 7, 6 Update 27. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: November 05, 2011
Bugs: #340421, #354213, #370559, #387851
ID: 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jre-bin < 1.6.0.29 >= 1.6.0.29 *
2 app-emulation/emul-linux-x86-java
< 1.6.0.29 >= 1.6.0.29 *
3 dev-java/sun-jdk < 1.6.0.29 >= 1.6.0.29 *
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
3 affected packages
-------------------------------------------------------------------
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation.
Impact
======
A remote attacker could exploit these vulnerabilities to cause
unspecified impact, possibly including remote execution of arbitrary
code.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.6.0.29"
All Oracle JRE 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.6.0.29"
All users of the precompiled 32-bit Oracle JRE 1.6 should upgrade to
the latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.6.0.29"
NOTE: As Oracle has revoked the DLJ license for its Java
implementation, the packages can no longer be updated automatically.
This limitation is not present on a non-fetch restricted implementation
such as dev-java/icedtea-bin.
References
==========
[ 1 ] CVE-2010-3541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541
[ 2 ] CVE-2010-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548
[ 3 ] CVE-2010-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549
[ 4 ] CVE-2010-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3550
[ 5 ] CVE-2010-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551
[ 6 ] CVE-2010-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3552
[ 7 ] CVE-2010-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553
[ 8 ] CVE-2010-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554
[ 9 ] CVE-2010-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3555
[ 10 ] CVE-2010-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3556
[ 11 ] CVE-2010-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557
[ 12 ] CVE-2010-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3558
[ 13 ] CVE-2010-3559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3559
[ 14 ] CVE-2010-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3560
[ 15 ] CVE-2010-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561
[ 16 ] CVE-2010-3562
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562
[ 17 ] CVE-2010-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3563
[ 18 ] CVE-2010-3565
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565
[ 19 ] CVE-2010-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566
[ 20 ] CVE-2010-3567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567
[ 21 ] CVE-2010-3568
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568
[ 22 ] CVE-2010-3569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569
[ 23 ] CVE-2010-3570
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3570
[ 24 ] CVE-2010-3571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3571
[ 25 ] CVE-2010-3572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3572
[ 26 ] CVE-2010-3573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573
[ 27 ] CVE-2010-3574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574
[ 28 ] CVE-2010-4422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4422
[ 29 ] CVE-2010-4447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4447
[ 30 ] CVE-2010-4448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448
[ 31 ] CVE-2010-4450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450
[ 32 ] CVE-2010-4451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4451
[ 33 ] CVE-2010-4452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4452
[ 34 ] CVE-2010-4454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4454
[ 35 ] CVE-2010-4462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4462
[ 36 ] CVE-2010-4463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4463
[ 37 ] CVE-2010-4465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465
[ 38 ] CVE-2010-4466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4466
[ 39 ] CVE-2010-4467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467
[ 40 ] CVE-2010-4468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4468
[ 41 ] CVE-2010-4469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469
[ 42 ] CVE-2010-4470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470
[ 43 ] CVE-2010-4471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471
[ 44 ] CVE-2010-4472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472
[ 45 ] CVE-2010-4473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4473
[ 46 ] CVE-2010-4474
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4474
[ 47 ] CVE-2010-4475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4475
[ 48 ] CVE-2010-4476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476
[ 49 ] CVE-2011-0802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802
[ 50 ] CVE-2011-0814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814
[ 51 ] CVE-2011-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815
[ 52 ] CVE-2011-0862
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862
[ 53 ] CVE-2011-0863
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863
[ 54 ] CVE-2011-0864
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864
[ 55 ] CVE-2011-0865
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865
[ 56 ] CVE-2011-0867
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867
[ 57 ] CVE-2011-0868
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868
[ 58 ] CVE-2011-0869
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869
[ 59 ] CVE-2011-0871
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871
[ 60 ] CVE-2011-0872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872
[ 61 ] CVE-2011-0873
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873
[ 62 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 63 ] CVE-2011-3516
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3516
[ 64 ] CVE-2011-3521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521
[ 65 ] CVE-2011-3544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544
[ 66 ] CVE-2011-3545
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3545
[ 67 ] CVE-2011-3546
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3546
[ 68 ] CVE-2011-3547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547
[ 69 ] CVE-2011-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548
[ 70 ] CVE-2011-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3549
[ 71 ] CVE-2011-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3550
[ 72 ] CVE-2011-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551
[ 73 ] CVE-2011-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552
[ 74 ] CVE-2011-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553
[ 75 ] CVE-2011-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554
[ 76 ] CVE-2011-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3555
[ 77 ] CVE-2011-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556
[ 78 ] CVE-2011-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557
[ 79 ] CVE-2011-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558
[ 80 ] CVE-2011-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560
[ 81 ] CVE-2011-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3561
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Hitachi Cosminexus Products Java Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46694
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46694/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
RELEASE DATE:
2011-11-08
DISCUSS ADVISORY:
http://secunia.com/advisories/46694/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46694/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Hitachi has acknowledged multiple vulnerabilities in Hitachi
Cosminexus products, which can be exploited by malicious users to
disclose certain information and by malicious people to disclose
potentially sensitive information, hijack a user's session, conduct
DNS cache poisoning attacks, manipulate certain data, cause a DoS
(Denial of Service), and compromise a vulnerable system.
The vulnerabilities are caused due to vulnerabilities in the bundled
version of Cosminexus Developer's Kit for Java.
For more information:
SA46512
Please see the vendor's advisory for a list of affected products.
SOLUTION:
Update to a fixed version. Please see the vendor's advisory for
details.
ORIGINAL ADVISORY:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-024/index.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
.
Background
==========
IcedTea is a distribution of the Java OpenJDK source code built with
free build tools.
IcedTea6 prior to 1.10.4 allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors
related to 2D (CVE-2011-3551).
IcedTea6 prior to 1.10.4 allows remote attackers to affect integrity
via unknown vectors related to Networking (CVE-2011-3552).
IcedTea6 prior to 1.10.4 allows remote authenticated users to affect
confidentiality, related to JAXWS (CVE-2011-3553).
IcedTea6 prior to 1.10.4 allows remote attackers to affect
confidentiality, integrity, and availability, related to RMI
(CVE-2011-3556).
IcedTea6 prior to 1.10.4 allows remote attackers to affect
confidentiality, integrity, and availability, related to RMI
(CVE-2011-3557).
Deepak Bhole discovered a flaw in the Same Origin Policy (SOP)
implementation in the IcedTea project Web browser plugin. A
malicious applet could use this flaw to bypass SOP protection and
open connections to any sub-domain of the second-level domain of
the applet's origin, as well as any sub-domain of the domain that
is the suffix of the origin second-level domain. For example,
IcedTea-Web plugin allowed applet from some.host.example.com to
connect to other.host.example.com, www.example.com, and example.com,
as well as www.ample.com or ample.com. (CVE-2011-3377). The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOvSWxmqjQ0CJFipgRAnk1AKDUddZYCqwkfhoUpLxEL0BT3mDf0ACfbuTI
aaF2JGTyfceBABs92un/yVA=
=yPsD
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch page, listed in the References section.
Release Date: 2012-01-23
Last Updated: 2012-01-23
------------------------------------------------------------------------------
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.12 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2011-3389 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-3516 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3521 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3544 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3545 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3546 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8
CVE-2011-3547 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3548 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3549 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3550 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3551 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2011-3552 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2011-3553 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5
CVE-2011-3554 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3556 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-3557 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2011-3558 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3560 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2011-3561 (AV:A/AC:H/Au:N/C:P/I:N/A:N) 1.8
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrades to resolve these vulnerabilities. This bulletin will be revised as other upgrades for additional supported Java versions become available.
The upgrades are available from the following location
http://www.hp.com/go/java
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.13 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v6.0.12 and earlier, update to Java v6.0.13 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
===========
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
Jdk60.JDK60-COM
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
action: install revision 1.6.0.13.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 23 January 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-openjdk security update
Advisory ID: RHSA-2011:1380-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1380.html
Issue date: 2011-10-18
CVE Names: CVE-2011-3389 CVE-2011-3521 CVE-2011-3544
CVE-2011-3547 CVE-2011-3548 CVE-2011-3551
CVE-2011-3552 CVE-2011-3553 CVE-2011-3554
CVE-2011-3556 CVE-2011-3557 CVE-2011-3558
CVE-2011-3560
=====================================================================
1. Summary:
Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. Description:
These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.
A flaw was found in the Java RMI (Remote Method Invocation) registry
implementation. A remote RMI client could use this flaw to execute
arbitrary code on the RMI server running the registry. (CVE-2011-3556)
A flaw was found in the Java RMI registry implementation. A remote RMI
client could use this flaw to execute code on the RMI server with
unrestricted privileges. (CVE-2011-3557)
A flaw was found in the IIOP (Internet Inter-Orb Protocol) deserialization
code. An untrusted Java application or applet running in a sandbox could
use this flaw to bypass sandbox restrictions by deserializing
specially-crafted input. (CVE-2011-3521)
It was found that the Java ScriptingEngine did not properly restrict the
privileges of sandboxed applications. An untrusted Java application or
applet running in a sandbox could use this flaw to bypass sandbox
restrictions. (CVE-2011-3544)
A flaw was found in the AWTKeyStroke implementation. An untrusted Java
application or applet running in a sandbox could use this flaw to bypass
sandbox restrictions. (CVE-2011-3548)
An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the Java2D code used to perform transformations of graphic shapes
and images. An untrusted Java application or applet running in a sandbox
could use this flaw to bypass sandbox restrictions. (CVE-2011-3551)
An insufficient error checking flaw was found in the unpacker for JAR files
in pack200 format. A specially-crafted JAR file could use this flaw to
crash the Java Virtual Machine (JVM) or, possibly, execute arbitrary code
with JVM privileges. (CVE-2011-3554)
It was found that HttpsURLConnection did not perform SecurityManager checks
in the setSSLSocketFactory method. An untrusted Java application or applet
running in a sandbox could use this flaw to bypass connection restrictions
defined in the policy. (CVE-2011-3560)
A flaw was found in the way the SSL 3 and TLS 1.0 protocols used block
ciphers in cipher-block chaining (CBC) mode. An attacker able to perform a
chosen plain text attack against a connection mixing trusted and untrusted
data could use this flaw to recover portions of the trusted data sent over
the connection. (CVE-2011-3389)
Note: This update mitigates the CVE-2011-3389 issue by splitting the first
application data record byte to a separate SSL/TLS protocol record. This
mitigation may cause compatibility issues with some SSL/TLS implementations
and can be disabled using the jsse.enableCBCProtection boolean property.
This can be done on the command line by appending the flag
"-Djsse.enableCBCProtection=false" to the java command.
An information leak flaw was found in the InputStream.skip implementation.
An untrusted Java application or applet could possibly use this flaw to
obtain bytes skipped by other threads. (CVE-2011-3547)
A flaw was found in the Java HotSpot virtual machine. An untrusted Java
application or applet could use this flaw to disclose portions of the VM
memory, or cause it to crash. (CVE-2011-3558)
The Java API for XML Web Services (JAX-WS) implementation in OpenJDK was
configured to include the stack trace in error messages sent to clients. A
remote client could possibly use this flaw to obtain sensitive information.
(CVE-2011-3553)
It was found that Java applications running with SecurityManager
restrictions were allowed to use too many UDP sockets by default. If
multiple instances of a malicious application were started at the same
time, they could exhaust all available UDP sockets on the system.
(CVE-2011-3552)
This erratum also upgrades the OpenJDK package to IcedTea6 1.9.10. Refer to
the NEWS file, linked to in the References, for further information.
All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640)
745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)
745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)
745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)
745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466)
745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)
745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)
745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)
745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134)
6. Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-3389.html
https://www.redhat.com/security/data/cve/CVE-2011-3521.html
https://www.redhat.com/security/data/cve/CVE-2011-3544.html
https://www.redhat.com/security/data/cve/CVE-2011-3547.html
https://www.redhat.com/security/data/cve/CVE-2011-3548.html
https://www.redhat.com/security/data/cve/CVE-2011-3551.html
https://www.redhat.com/security/data/cve/CVE-2011-3552.html
https://www.redhat.com/security/data/cve/CVE-2011-3553.html
https://www.redhat.com/security/data/cve/CVE-2011-3554.html
https://www.redhat.com/security/data/cve/CVE-2011-3556.html
https://www.redhat.com/security/data/cve/CVE-2011-3557.html
https://www.redhat.com/security/data/cve/CVE-2011-3558.html
https://www.redhat.com/security/data/cve/CVE-2011-3560.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
http://icedtea.classpath.org/hg/release/icedtea6-1.9/file/328afd896e3e/NEWS
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOngvzXlSAg2UNWIIRArb8AKCaS923HYBco1E2eOOedT1aefjmyACgherU
1E1DMZpv3ExBmKhD4Emi2no=
=sMXo
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201110-0352 | CVE-2011-3521 | Oracle Java SE of Java Runtime Environment (JRE) Component vulnerabilities |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, 7, 6 Update 27 and earlier, and 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deserialization. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the way Java handles IIOP deserialization. Due to insufficient type checking it is possible to trick java into allowing access to otherwise protected and private fields in built-in objects. This could be used, for example, to disable to security manager normally in place for applets. This leads to remote code execution under the context of the current user.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Deserialization' sub-component.
This vulnerability affects the following supported versions:
JDK and JRE 7, 6 Update 27, 5.0 Update 31. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: November 05, 2011
Bugs: #340421, #354213, #370559, #387851
ID: 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jre-bin < 1.6.0.29 >= 1.6.0.29 *
2 app-emulation/emul-linux-x86-java
< 1.6.0.29 >= 1.6.0.29 *
3 dev-java/sun-jdk < 1.6.0.29 >= 1.6.0.29 *
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
3 affected packages
-------------------------------------------------------------------
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.6.0.29"
All Oracle JRE 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.6.0.29"
All users of the precompiled 32-bit Oracle JRE 1.6 should upgrade to
the latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.6.0.29"
NOTE: As Oracle has revoked the DLJ license for its Java
implementation, the packages can no longer be updated automatically.
This limitation is not present on a non-fetch restricted implementation
such as dev-java/icedtea-bin.
References
==========
[ 1 ] CVE-2010-3541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541
[ 2 ] CVE-2010-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548
[ 3 ] CVE-2010-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549
[ 4 ] CVE-2010-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3550
[ 5 ] CVE-2010-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551
[ 6 ] CVE-2010-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3552
[ 7 ] CVE-2010-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553
[ 8 ] CVE-2010-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554
[ 9 ] CVE-2010-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3555
[ 10 ] CVE-2010-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3556
[ 11 ] CVE-2010-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557
[ 12 ] CVE-2010-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3558
[ 13 ] CVE-2010-3559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3559
[ 14 ] CVE-2010-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3560
[ 15 ] CVE-2010-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561
[ 16 ] CVE-2010-3562
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562
[ 17 ] CVE-2010-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3563
[ 18 ] CVE-2010-3565
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565
[ 19 ] CVE-2010-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566
[ 20 ] CVE-2010-3567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567
[ 21 ] CVE-2010-3568
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568
[ 22 ] CVE-2010-3569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569
[ 23 ] CVE-2010-3570
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3570
[ 24 ] CVE-2010-3571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3571
[ 25 ] CVE-2010-3572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3572
[ 26 ] CVE-2010-3573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573
[ 27 ] CVE-2010-3574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574
[ 28 ] CVE-2010-4422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4422
[ 29 ] CVE-2010-4447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4447
[ 30 ] CVE-2010-4448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448
[ 31 ] CVE-2010-4450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450
[ 32 ] CVE-2010-4451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4451
[ 33 ] CVE-2010-4452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4452
[ 34 ] CVE-2010-4454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4454
[ 35 ] CVE-2010-4462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4462
[ 36 ] CVE-2010-4463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4463
[ 37 ] CVE-2010-4465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465
[ 38 ] CVE-2010-4466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4466
[ 39 ] CVE-2010-4467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467
[ 40 ] CVE-2010-4468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4468
[ 41 ] CVE-2010-4469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469
[ 42 ] CVE-2010-4470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470
[ 43 ] CVE-2010-4471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471
[ 44 ] CVE-2010-4472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472
[ 45 ] CVE-2010-4473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4473
[ 46 ] CVE-2010-4474
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4474
[ 47 ] CVE-2010-4475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4475
[ 48 ] CVE-2010-4476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476
[ 49 ] CVE-2011-0802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802
[ 50 ] CVE-2011-0814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814
[ 51 ] CVE-2011-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815
[ 52 ] CVE-2011-0862
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862
[ 53 ] CVE-2011-0863
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863
[ 54 ] CVE-2011-0864
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864
[ 55 ] CVE-2011-0865
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865
[ 56 ] CVE-2011-0867
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867
[ 57 ] CVE-2011-0868
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868
[ 58 ] CVE-2011-0869
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869
[ 59 ] CVE-2011-0871
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871
[ 60 ] CVE-2011-0872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872
[ 61 ] CVE-2011-0873
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873
[ 62 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 63 ] CVE-2011-3516
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3516
[ 64 ] CVE-2011-3521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521
[ 65 ] CVE-2011-3544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544
[ 66 ] CVE-2011-3545
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3545
[ 67 ] CVE-2011-3546
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3546
[ 68 ] CVE-2011-3547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547
[ 69 ] CVE-2011-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548
[ 70 ] CVE-2011-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3549
[ 71 ] CVE-2011-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3550
[ 72 ] CVE-2011-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551
[ 73 ] CVE-2011-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552
[ 74 ] CVE-2011-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553
[ 75 ] CVE-2011-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554
[ 76 ] CVE-2011-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3555
[ 77 ] CVE-2011-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556
[ 78 ] CVE-2011-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557
[ 79 ] CVE-2011-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558
[ 80 ] CVE-2011-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560
[ 81 ] CVE-2011-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3561
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Hitachi Cosminexus Products Java Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46694
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46694/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
RELEASE DATE:
2011-11-08
DISCUSS ADVISORY:
http://secunia.com/advisories/46694/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46694/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Hitachi has acknowledged multiple vulnerabilities in Hitachi
Cosminexus products, which can be exploited by malicious users to
disclose certain information and by malicious people to disclose
potentially sensitive information, hijack a user's session, conduct
DNS cache poisoning attacks, manipulate certain data, cause a DoS
(Denial of Service), and compromise a vulnerable system.
The vulnerabilities are caused due to vulnerabilities in the bundled
version of Cosminexus Developer's Kit for Java.
For more information:
SA46512
Please see the vendor's advisory for a list of affected products. Please see the vendor's advisory for
details.
ORIGINAL ADVISORY:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-024/index.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
.
Background
==========
IcedTea is a distribution of the Java OpenJDK source code built with
free build tools. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets.
CVE-2011-3547
The skip() method in java.io.InputStream uses a shared buffer,
allowing untrusted Java code (such as applets) to access data
that is skipped by other code.
CVE-2011-3551
The Java2D C code contains an integer overflow which results
in a heap-based buffer overflow, potentially allowing
untrusted Java code (such as applets) to elevate its
privileges.
CVE-2011-3553
JAX-WS enables stack traces for certain server responses by
default, potentially leaking sensitive information.
CVE-2011-3560
The com.sun.net.ssl.HttpsURLConnection class does not perform
proper security manager checks in the setSSLSocketFactory()
method, allowing untrusted Java code to bypass security policy
restrictions.
For the stable distribution (squeeze), this problem has been fixed in
version 6b18-1.8.10-0+squeeze1.
For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 6b23~pre11-1.
We recommend that you upgrade your openjdk-6 packages. ==========================================================================
Ubuntu Security Notice USN-1263-1
November 16, 2011
icedtea-web, openjdk-6, openjdk-6b18 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
Multiple OpenJDK 6 and IcedTea-Web vulnerabilities have been fixed.
Software Description:
- icedtea-web: A web browser plugin to execute Java applets
- openjdk-6: Open Source Java implementation
- openjdk-6b18: Open Source Java implementation
Details:
Deepak Bhole discovered a flaw in the Same Origin Policy (SOP)
implementation in the IcedTea web browser plugin. This could allow a
remote attacker to open connections to certain hosts that should
not be permitted. (CVE-2011-3377)
Juliano Rizzo and Thai Duong discovered that the block-wise AES
encryption algorithm block-wise as used in TLS/SSL was vulnerable to
a chosen-plaintext attack. This could allow a remote attacker to view
confidential data. (CVE-2011-3389)
It was discovered that a type confusion flaw existed in the in
the Internet Inter-Orb Protocol (IIOP) deserialization code. (CVE-2011-3521)
It was discovered that the Java scripting engine did not perform
SecurityManager checks. (CVE-2011-3544)
It was discovered that the InputStream class used a global buffer to
store input bytes skipped. An attacker could possibly use this to gain
access to sensitive information. (CVE-2011-3547)
It was discovered that a vulnerability existed in the AWTKeyStroke
class. (CVE-2011-3548)
It was discovered that an integer overflow vulnerability existed
in the TransformHelper class in the Java2D implementation. (CVE-2011-3551)
It was discovered that the default number of available UDP sockets for
applications running under SecurityManager restrictions was set too
high. A remote attacker could use this with a malicious application or
applet exhaust the number of available UDP sockets to cause a denial
of service for other applets or applications running within the same
JVM. (CVE-2011-3552)
It was discovered that Java API for XML Web Services (JAX-WS) could
incorrectly expose a stack trace. A remote attacker could potentially
use this to gain access to sensitive information. (CVE-2011-3553)
It was discovered that the unpacker for pack200 JAR files did not
sufficiently check for errors. An attacker could cause a denial of
service or possibly execute arbitrary code through a specially crafted
pack200 JAR file. (CVE-2011-3554)
It was discovered that the RMI registration implementation did not
properly restrict privileges of remotely executed code.
(CVE-2011-3556, CVE-2011-3557)
It was discovered that the HotSpot VM could be made to crash, allowing
an attacker to cause a denial of service or possibly leak sensitive
information. (CVE-2011-3558)
It was discovered that the HttpsURLConnection class did not
properly perform SecurityManager checks in certain situations. This
could allow a remote attacker to bypass restrictions on HTTPS
connections. (CVE-2011-3560)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.10:
icedtea-6-jre-cacao 6b23~pre11-0ubuntu1.11.10
icedtea-6-jre-jamvm 6b23~pre11-0ubuntu1.11.10
icedtea-netx 1.1.3-1ubuntu1.1
icedtea-plugin 1.1.3-1ubuntu1.1
openjdk-6-jre 6b23~pre11-0ubuntu1.11.10
openjdk-6-jre-headless 6b23~pre11-0ubuntu1.11.10
openjdk-6-jre-lib 6b23~pre11-0ubuntu1.11.10
openjdk-6-jre-zero 6b23~pre11-0ubuntu1.11.10
Ubuntu 11.04:
icedtea-6-jre-cacao 6b22-1.10.4-0ubuntu1~11.04.1
icedtea-6-jre-jamvm 6b22-1.10.4-0ubuntu1~11.04.1
icedtea-netx 1.1.1-0ubuntu1~11.04.2
icedtea-plugin 1.1.1-0ubuntu1~11.04.2
openjdk-6-jre 6b22-1.10.4-0ubuntu1~11.04.1
openjdk-6-jre-headless 6b22-1.10.4-0ubuntu1~11.04.1
openjdk-6-jre-lib 6b22-1.10.4-0ubuntu1~11.04.1
openjdk-6-jre-zero 6b22-1.10.4-0ubuntu1~11.04.1
Ubuntu 10.10:
icedtea-6-jre-cacao 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-demo 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-jdk 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-jre 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-jre-headless 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-jre-lib 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-jre-zero 6b20-1.9.10-0ubuntu1~10.10.2
Ubuntu 10.04 LTS:
icedtea-6-jre-cacao 6b20-1.9.10-0ubuntu1~10.04.2
icedtea6-plugin 6b20-1.9.10-0ubuntu1~10.04.2
openjdk-6-demo 6b20-1.9.10-0ubuntu1~10.04.2
openjdk-6-jre 6b20-1.9.10-0ubuntu1~10.04.2
openjdk-6-jre-headless 6b20-1.9.10-0ubuntu1~10.04.2
openjdk-6-jre-lib 6b20-1.9.10-0ubuntu1~10.04.2
openjdk-6-jre-zero 6b20-1.9.10-0ubuntu1~10.04.2
After a standard system update you need to restart any Java applications
or applets to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-sun security update
Advisory ID: RHSA-2011:1384-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1384.html
Issue date: 2011-10-19
CVE Names: CVE-2011-3389 CVE-2011-3516 CVE-2011-3521
CVE-2011-3544 CVE-2011-3545 CVE-2011-3546
CVE-2011-3547 CVE-2011-3548 CVE-2011-3549
CVE-2011-3550 CVE-2011-3551 CVE-2011-3552
CVE-2011-3553 CVE-2011-3554 CVE-2011-3555
CVE-2011-3556 CVE-2011-3557 CVE-2011-3558
CVE-2011-3560 CVE-2011-3561
=====================================================================
1. Summary:
Updated java-1.6.0-sun packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch page, listed in the References section.
All running instances of Sun Java must be restarted for the update to take
effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640)
745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)
745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)
745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)
745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466)
745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)
745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)
745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)
745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134)
747191 - CVE-2011-3545 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Sound)
747198 - CVE-2011-3549 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Swing)
747200 - CVE-2011-3550 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (AWT)
747203 - CVE-2011-3516 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747205 - CVE-2011-3546 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
747206 - CVE-2011-3555 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (JRE)
747208 - CVE-2011-3561 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)
6. Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Desktop version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el5.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.i586.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.i686.rpm
java-1.6.0-sun-devel-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.29-1jpp.1.el6.x86_64.rpm
java-1.6.0-sun-src-1.6.0.29-1jpp.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-3389.html
https://www.redhat.com/security/data/cve/CVE-2011-3516.html
https://www.redhat.com/security/data/cve/CVE-2011-3521.html
https://www.redhat.com/security/data/cve/CVE-2011-3544.html
https://www.redhat.com/security/data/cve/CVE-2011-3545.html
https://www.redhat.com/security/data/cve/CVE-2011-3546.html
https://www.redhat.com/security/data/cve/CVE-2011-3547.html
https://www.redhat.com/security/data/cve/CVE-2011-3548.html
https://www.redhat.com/security/data/cve/CVE-2011-3549.html
https://www.redhat.com/security/data/cve/CVE-2011-3550.html
https://www.redhat.com/security/data/cve/CVE-2011-3551.html
https://www.redhat.com/security/data/cve/CVE-2011-3552.html
https://www.redhat.com/security/data/cve/CVE-2011-3553.html
https://www.redhat.com/security/data/cve/CVE-2011-3554.html
https://www.redhat.com/security/data/cve/CVE-2011-3555.html
https://www.redhat.com/security/data/cve/CVE-2011-3556.html
https://www.redhat.com/security/data/cve/CVE-2011-3557.html
https://www.redhat.com/security/data/cve/CVE-2011-3558.html
https://www.redhat.com/security/data/cve/CVE-2011-3560.html
https://www.redhat.com/security/data/cve/CVE-2011-3561.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOnw+BXlSAg2UNWIIRArM2AJwNT0vxdrXLgkZjOCwP8LkDemBYzQCbBrE3
0MJzQCB587rTzSRSo+gGytc=
=809z
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac
OS X 10.6 Update 6
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
are now available and address the following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
Mac OS X v10.7.2, Mac OS X Server v10.7.2
Impact: Multiple vulnerabilities in Java 1.6.0_26
Description: Multiple vulnerabilities exist in Java 1.6.0_26, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox.
These issues are addressed by updating to Java version 1.6.0_29.
Further information is available via the Java website at
http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
CVE-ID
CVE-2011-3389
CVE-2011-3521
CVE-2011-3544
CVE-2011-3545
CVE-2011-3546
CVE-2011-3547
CVE-2011-3548
CVE-2011-3549
CVE-2011-3551
CVE-2011-3552
CVE-2011-3553
CVE-2011-3554
CVE-2011-3556
CVE-2011-3557
CVE-2011-3558
CVE-2011-3560
CVE-2011-3561
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
may be obtained from the Software Update pane in System Preferences,
or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: be0ac75b8bac967f1d39a94ebf9482a61fb7d70b
For Mac OS X v10.7 systems
The download file is named: JavaForMacOSX10.7.dmg
Its SHA-1 digest is: 7768e6aeb5adaa638c74d4c04150517ed99fed20
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJOuZNKAAoJEGnF2JsdZQeece8H/1I98YQ1LF4iDD442zB+WjZP
2Vxd3euXYwySD6qDCYNLJ0hUKu90c/4nr5d5rRH3xYdBzAHuZG39m069lpN1UZIW
t5ube+j9zjiejnXlPbAgq+vIAg22nu0EdxhOOZZeQOoEYqyoKhXNCt3fR+tzo3o4
mN/LWMO1NwrM0sGDPuUGs2TWdPZbC4QJJz4Z4S+FsTlujYh9MRd3dyxLBIg7BKCL
wgnFdpFW8bPmVdiTj91pC0Gb3XtolQxexXGHsdI15KeFMbQ06nKV/AyvxMF8O5jS
D089GEHE52NAQCZ0YJ6TJsisrGqTZZ77js55cPU259FogxEKKBuwfdFbn4qVeD8=
=4KBF
-----END PGP SIGNATURE-----
.
Release Date: 2012-01-23
Last Updated: 2012-01-23
------------------------------------------------------------------------------
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.12 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2011-3389 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-3516 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3521 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3544 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3545 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3546 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8
CVE-2011-3547 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3548 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3549 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3550 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3551 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2011-3552 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2011-3553 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5
CVE-2011-3554 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3556 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-3557 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2011-3558 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3560 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2011-3561 (AV:A/AC:H/Au:N/C:P/I:N/A:N) 1.8
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrades to resolve these vulnerabilities. This bulletin will be revised as other upgrades for additional supported Java versions become available.
The upgrades are available from the following location
http://www.hp.com/go/java
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.13 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v6.0.12 and earlier, update to Java v6.0.13 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
===========
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
Jdk60.JDK60-COM
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
action: install revision 1.6.0.13.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 23 January 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
VAR-201110-0387 | CVE-2011-3556 | Oracle Java SE of Java Runtime Environment (JRE) Component vulnerabilities |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557. (DoS) An attack may be carried out. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment.
The vulnerability can be exploited over multiple protocols. This issue affects the 'RMI' sub-component.
This vulnerability affects the following supported versions:
JDK and JRE 7, 6 Update 27, 5.0 Update 31, 1.4.2_33, JRockit R28.1.4. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Oracle JRE/JDK: Multiple vulnerabilities
Date: November 05, 2011
Bugs: #340421, #354213, #370559, #387851
ID: 201111-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in the Oracle JRE/JDK,
allowing attackers to cause unspecified impact.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jre-bin < 1.6.0.29 >= 1.6.0.29 *
2 app-emulation/emul-linux-x86-java
< 1.6.0.29 >= 1.6.0.29 *
3 dev-java/sun-jdk < 1.6.0.29 >= 1.6.0.29 *
-------------------------------------------------------------------
NOTE: Packages marked with asterisks require manual intervention!
-------------------------------------------------------------------
3 affected packages
-------------------------------------------------------------------
Description
===========
Multiple vulnerabilities have been reported in the Oracle Java
implementation.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Oracle JDK 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.6.0.29"
All Oracle JRE 1.6 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.6.0.29"
All users of the precompiled 32-bit Oracle JRE 1.6 should upgrade to
the latest version:
# emerge --sync
# emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.6.0.29"
NOTE: As Oracle has revoked the DLJ license for its Java
implementation, the packages can no longer be updated automatically.
This limitation is not present on a non-fetch restricted implementation
such as dev-java/icedtea-bin.
References
==========
[ 1 ] CVE-2010-3541
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541
[ 2 ] CVE-2010-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548
[ 3 ] CVE-2010-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549
[ 4 ] CVE-2010-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3550
[ 5 ] CVE-2010-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551
[ 6 ] CVE-2010-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3552
[ 7 ] CVE-2010-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553
[ 8 ] CVE-2010-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554
[ 9 ] CVE-2010-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3555
[ 10 ] CVE-2010-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3556
[ 11 ] CVE-2010-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557
[ 12 ] CVE-2010-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3558
[ 13 ] CVE-2010-3559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3559
[ 14 ] CVE-2010-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3560
[ 15 ] CVE-2010-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561
[ 16 ] CVE-2010-3562
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562
[ 17 ] CVE-2010-3563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3563
[ 18 ] CVE-2010-3565
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565
[ 19 ] CVE-2010-3566
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566
[ 20 ] CVE-2010-3567
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567
[ 21 ] CVE-2010-3568
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568
[ 22 ] CVE-2010-3569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569
[ 23 ] CVE-2010-3570
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3570
[ 24 ] CVE-2010-3571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3571
[ 25 ] CVE-2010-3572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3572
[ 26 ] CVE-2010-3573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573
[ 27 ] CVE-2010-3574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574
[ 28 ] CVE-2010-4422
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4422
[ 29 ] CVE-2010-4447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4447
[ 30 ] CVE-2010-4448
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448
[ 31 ] CVE-2010-4450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450
[ 32 ] CVE-2010-4451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4451
[ 33 ] CVE-2010-4452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4452
[ 34 ] CVE-2010-4454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4454
[ 35 ] CVE-2010-4462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4462
[ 36 ] CVE-2010-4463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4463
[ 37 ] CVE-2010-4465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465
[ 38 ] CVE-2010-4466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4466
[ 39 ] CVE-2010-4467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467
[ 40 ] CVE-2010-4468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4468
[ 41 ] CVE-2010-4469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469
[ 42 ] CVE-2010-4470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470
[ 43 ] CVE-2010-4471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471
[ 44 ] CVE-2010-4472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472
[ 45 ] CVE-2010-4473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4473
[ 46 ] CVE-2010-4474
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4474
[ 47 ] CVE-2010-4475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4475
[ 48 ] CVE-2010-4476
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476
[ 49 ] CVE-2011-0802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802
[ 50 ] CVE-2011-0814
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814
[ 51 ] CVE-2011-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815
[ 52 ] CVE-2011-0862
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862
[ 53 ] CVE-2011-0863
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863
[ 54 ] CVE-2011-0864
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864
[ 55 ] CVE-2011-0865
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865
[ 56 ] CVE-2011-0867
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867
[ 57 ] CVE-2011-0868
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868
[ 58 ] CVE-2011-0869
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869
[ 59 ] CVE-2011-0871
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871
[ 60 ] CVE-2011-0872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872
[ 61 ] CVE-2011-0873
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873
[ 62 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 63 ] CVE-2011-3516
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3516
[ 64 ] CVE-2011-3521
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521
[ 65 ] CVE-2011-3544
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544
[ 66 ] CVE-2011-3545
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3545
[ 67 ] CVE-2011-3546
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3546
[ 68 ] CVE-2011-3547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547
[ 69 ] CVE-2011-3548
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548
[ 70 ] CVE-2011-3549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3549
[ 71 ] CVE-2011-3550
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3550
[ 72 ] CVE-2011-3551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551
[ 73 ] CVE-2011-3552
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552
[ 74 ] CVE-2011-3553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553
[ 75 ] CVE-2011-3554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554
[ 76 ] CVE-2011-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3555
[ 77 ] CVE-2011-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556
[ 78 ] CVE-2011-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557
[ 79 ] CVE-2011-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558
[ 80 ] CVE-2011-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560
[ 81 ] CVE-2011-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3561
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-02.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Hitachi Cosminexus Products Java Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46694
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46694/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
RELEASE DATE:
2011-11-08
DISCUSS ADVISORY:
http://secunia.com/advisories/46694/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46694/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46694
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Hitachi has acknowledged multiple vulnerabilities in Hitachi
Cosminexus products, which can be exploited by malicious users to
disclose certain information and by malicious people to disclose
potentially sensitive information, hijack a user's session, conduct
DNS cache poisoning attacks, manipulate certain data, cause a DoS
(Denial of Service), and compromise a vulnerable system.
The vulnerabilities are caused due to vulnerabilities in the bundled
version of Cosminexus Developer's Kit for Java.
For more information:
SA46512
Please see the vendor's advisory for a list of affected products.
SOLUTION:
Update to a fixed version. Please see the vendor's advisory for
details.
ORIGINAL ADVISORY:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-024/index.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ==========================================================================
Ubuntu Security Notice USN-1263-1
November 16, 2011
icedtea-web, openjdk-6, openjdk-6b18 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
Multiple OpenJDK 6 and IcedTea-Web vulnerabilities have been fixed.
Software Description:
- icedtea-web: A web browser plugin to execute Java applets
- openjdk-6: Open Source Java implementation
- openjdk-6b18: Open Source Java implementation
Details:
Deepak Bhole discovered a flaw in the Same Origin Policy (SOP)
implementation in the IcedTea web browser plugin. This could allow a
remote attacker to open connections to certain hosts that should
not be permitted. (CVE-2011-3377)
Juliano Rizzo and Thai Duong discovered that the block-wise AES
encryption algorithm block-wise as used in TLS/SSL was vulnerable to
a chosen-plaintext attack. This could allow a remote attacker to view
confidential data. (CVE-2011-3521)
It was discovered that the Java scripting engine did not perform
SecurityManager checks. (CVE-2011-3544)
It was discovered that the InputStream class used a global buffer to
store input bytes skipped. (CVE-2011-3547)
It was discovered that a vulnerability existed in the AWTKeyStroke
class. (CVE-2011-3548)
It was discovered that an integer overflow vulnerability existed
in the TransformHelper class in the Java2D implementation.
(CVE-2011-3556, CVE-2011-3557)
It was discovered that the HotSpot VM could be made to crash, allowing
an attacker to cause a denial of service or possibly leak sensitive
information. (CVE-2011-3558)
It was discovered that the HttpsURLConnection class did not
properly perform SecurityManager checks in certain situations. This
could allow a remote attacker to bypass restrictions on HTTPS
connections. (CVE-2011-3560)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.10:
icedtea-6-jre-cacao 6b23~pre11-0ubuntu1.11.10
icedtea-6-jre-jamvm 6b23~pre11-0ubuntu1.11.10
icedtea-netx 1.1.3-1ubuntu1.1
icedtea-plugin 1.1.3-1ubuntu1.1
openjdk-6-jre 6b23~pre11-0ubuntu1.11.10
openjdk-6-jre-headless 6b23~pre11-0ubuntu1.11.10
openjdk-6-jre-lib 6b23~pre11-0ubuntu1.11.10
openjdk-6-jre-zero 6b23~pre11-0ubuntu1.11.10
Ubuntu 11.04:
icedtea-6-jre-cacao 6b22-1.10.4-0ubuntu1~11.04.1
icedtea-6-jre-jamvm 6b22-1.10.4-0ubuntu1~11.04.1
icedtea-netx 1.1.1-0ubuntu1~11.04.2
icedtea-plugin 1.1.1-0ubuntu1~11.04.2
openjdk-6-jre 6b22-1.10.4-0ubuntu1~11.04.1
openjdk-6-jre-headless 6b22-1.10.4-0ubuntu1~11.04.1
openjdk-6-jre-lib 6b22-1.10.4-0ubuntu1~11.04.1
openjdk-6-jre-zero 6b22-1.10.4-0ubuntu1~11.04.1
Ubuntu 10.10:
icedtea-6-jre-cacao 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-demo 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-jdk 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-jre 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-jre-headless 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-jre-lib 6b20-1.9.10-0ubuntu1~10.10.2
openjdk-6-jre-zero 6b20-1.9.10-0ubuntu1~10.10.2
Ubuntu 10.04 LTS:
icedtea-6-jre-cacao 6b20-1.9.10-0ubuntu1~10.04.2
icedtea6-plugin 6b20-1.9.10-0ubuntu1~10.04.2
openjdk-6-demo 6b20-1.9.10-0ubuntu1~10.04.2
openjdk-6-jre 6b20-1.9.10-0ubuntu1~10.04.2
openjdk-6-jre-headless 6b20-1.9.10-0ubuntu1~10.04.2
openjdk-6-jre-lib 6b20-1.9.10-0ubuntu1~10.04.2
openjdk-6-jre-zero 6b20-1.9.10-0ubuntu1~10.04.2
After a standard system update you need to restart any Java applications
or applets to make all the necessary changes.
IcedTea6 prior to 1.10.4 allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors
related to 2D (CVE-2011-3551).
IcedTea6 prior to 1.10.4 allows remote attackers to affect integrity
via unknown vectors related to Networking (CVE-2011-3552).
IcedTea6 prior to 1.10.4 allows remote authenticated users to affect
confidentiality, related to JAXWS (CVE-2011-3553).
IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start
applications and untrusted Java applets to affect confidentiality
via unknown vectors related to HotSpot (CVE-2011-3558). A
malicious applet could use this flaw to bypass SOP protection and
open connections to any sub-domain of the second-level domain of
the applet's origin, as well as any sub-domain of the domain that
is the suffix of the origin second-level domain. For example,
IcedTea-Web plugin allowed applet from some.host.example.com to
connect to other.host.example.com, www.example.com, and example.com,
as well as www.ample.com or ample.com. (CVE-2011-3377). The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOvSWxmqjQ0CJFipgRAnk1AKDUddZYCqwkfhoUpLxEL0BT3mDf0ACfbuTI
aaF2JGTyfceBABs92un/yVA=
=yPsD
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch page, listed in the References section. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac
OS X 10.6 Update 6
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
are now available and address the following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
Mac OS X v10.7.2, Mac OS X Server v10.7.2
Impact: Multiple vulnerabilities in Java 1.6.0_26
Description: Multiple vulnerabilities exist in Java 1.6.0_26, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox.
These issues are addressed by updating to Java version 1.6.0_29.
Further information is available via the Java website at
http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
CVE-ID
CVE-2011-3389
CVE-2011-3521
CVE-2011-3544
CVE-2011-3545
CVE-2011-3546
CVE-2011-3547
CVE-2011-3548
CVE-2011-3549
CVE-2011-3551
CVE-2011-3552
CVE-2011-3553
CVE-2011-3554
CVE-2011-3556
CVE-2011-3557
CVE-2011-3558
CVE-2011-3560
CVE-2011-3561
Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
may be obtained from the Software Update pane in System Preferences,
or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: be0ac75b8bac967f1d39a94ebf9482a61fb7d70b
For Mac OS X v10.7 systems
The download file is named: JavaForMacOSX10.7.dmg
Its SHA-1 digest is: 7768e6aeb5adaa638c74d4c04150517ed99fed20
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJOuZNKAAoJEGnF2JsdZQeece8H/1I98YQ1LF4iDD442zB+WjZP
2Vxd3euXYwySD6qDCYNLJ0hUKu90c/4nr5d5rRH3xYdBzAHuZG39m069lpN1UZIW
t5ube+j9zjiejnXlPbAgq+vIAg22nu0EdxhOOZZeQOoEYqyoKhXNCt3fR+tzo3o4
mN/LWMO1NwrM0sGDPuUGs2TWdPZbC4QJJz4Z4S+FsTlujYh9MRd3dyxLBIg7BKCL
wgnFdpFW8bPmVdiTj91pC0Gb3XtolQxexXGHsdI15KeFMbQ06nKV/AyvxMF8O5jS
D089GEHE52NAQCZ0YJ6TJsisrGqTZZ77js55cPU259FogxEKKBuwfdFbn4qVeD8=
=4KBF
-----END PGP SIGNATURE-----
.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.12 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2011-3389 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-3516 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3521 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3544 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3545 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3546 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8
CVE-2011-3547 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3548 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3549 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3550 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6
CVE-2011-3551 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2011-3552 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6
CVE-2011-3553 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 3.5
CVE-2011-3554 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
CVE-2011-3556 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-3557 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2011-3558 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-3560 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2011-3561 (AV:A/AC:H/Au:N/C:P/I:N/A:N) 1.8
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrades to resolve these vulnerabilities. This bulletin will be revised as other upgrades for additional supported Java versions become available.
The upgrades are available from the following location
http://www.hp.com/go/java
HP-UX B.11.11, B.11.23, B.11.31
JDK and JRE v6.0.13 or subsequent
MANUAL ACTIONS: Yes - Update
For Java v6.0.12 and earlier, update to Java v6.0.13 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
===========
Jre60.JRE60-COM
Jre60.JRE60-IPF32
Jre60.JRE60-IPF32-HS
Jre60.JRE60-IPF64
Jre60.JRE60-IPF64-HS
Jre60.JRE60-PA20
Jre60.JRE60-PA20-HS
Jre60.JRE60-PA20W
Jre60.JRE60-PA20W-HS
Jdk60.JDK60-COM
Jdk60.JDK60-IPF32
Jdk60.JDK60-IPF64
Jdk60.JDK60-PA20
Jdk60.JDK60-PA20W
action: install revision 1.6.0.13.00 or subsequent
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 23 January 2012 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-openjdk security update
Advisory ID: RHSA-2011:1380-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1380.html
Issue date: 2011-10-18
CVE Names: CVE-2011-3389 CVE-2011-3521 CVE-2011-3544
CVE-2011-3547 CVE-2011-3548 CVE-2011-3551
CVE-2011-3552 CVE-2011-3553 CVE-2011-3554
CVE-2011-3556 CVE-2011-3557 CVE-2011-3558
CVE-2011-3560
=====================================================================
1. Summary:
Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. Description:
These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.
A flaw was found in the Java RMI (Remote Method Invocation) registry
implementation. A remote RMI client could use this flaw to execute
arbitrary code on the RMI server running the registry. (CVE-2011-3556)
A flaw was found in the Java RMI registry implementation. A remote RMI
client could use this flaw to execute code on the RMI server with
unrestricted privileges. (CVE-2011-3557)
A flaw was found in the IIOP (Internet Inter-Orb Protocol) deserialization
code. An untrusted Java application or applet running in a sandbox could
use this flaw to bypass sandbox restrictions by deserializing
specially-crafted input. (CVE-2011-3521)
It was found that the Java ScriptingEngine did not properly restrict the
privileges of sandboxed applications. An untrusted Java application or
applet running in a sandbox could use this flaw to bypass sandbox
restrictions. (CVE-2011-3544)
A flaw was found in the AWTKeyStroke implementation. An untrusted Java
application or applet running in a sandbox could use this flaw to bypass
sandbox restrictions. (CVE-2011-3548)
An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the Java2D code used to perform transformations of graphic shapes
and images. An untrusted Java application or applet running in a sandbox
could use this flaw to bypass sandbox restrictions. (CVE-2011-3551)
An insufficient error checking flaw was found in the unpacker for JAR files
in pack200 format. A specially-crafted JAR file could use this flaw to
crash the Java Virtual Machine (JVM) or, possibly, execute arbitrary code
with JVM privileges. (CVE-2011-3554)
It was found that HttpsURLConnection did not perform SecurityManager checks
in the setSSLSocketFactory method. An untrusted Java application or applet
running in a sandbox could use this flaw to bypass connection restrictions
defined in the policy. (CVE-2011-3560)
A flaw was found in the way the SSL 3 and TLS 1.0 protocols used block
ciphers in cipher-block chaining (CBC) mode. An attacker able to perform a
chosen plain text attack against a connection mixing trusted and untrusted
data could use this flaw to recover portions of the trusted data sent over
the connection. (CVE-2011-3389)
Note: This update mitigates the CVE-2011-3389 issue by splitting the first
application data record byte to a separate SSL/TLS protocol record. This
mitigation may cause compatibility issues with some SSL/TLS implementations
and can be disabled using the jsse.enableCBCProtection boolean property.
This can be done on the command line by appending the flag
"-Djsse.enableCBCProtection=false" to the java command.
An information leak flaw was found in the InputStream.skip implementation.
An untrusted Java application or applet could possibly use this flaw to
obtain bytes skipped by other threads. (CVE-2011-3547)
A flaw was found in the Java HotSpot virtual machine. An untrusted Java
application or applet could use this flaw to disclose portions of the VM
memory, or cause it to crash. (CVE-2011-3558)
The Java API for XML Web Services (JAX-WS) implementation in OpenJDK was
configured to include the stack trace in error messages sent to clients. A
remote client could possibly use this flaw to obtain sensitive information.
(CVE-2011-3553)
It was found that Java applications running with SecurityManager
restrictions were allowed to use too many UDP sockets by default. If
multiple instances of a malicious application were started at the same
time, they could exhaust all available UDP sockets on the system.
(CVE-2011-3552)
This erratum also upgrades the OpenJDK package to IcedTea6 1.9.10. Refer to
the NEWS file, linked to in the References, for further information.
All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640)
745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)
745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)
745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)
745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466)
745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)
745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)
745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)
745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134)
6. Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-3389.html
https://www.redhat.com/security/data/cve/CVE-2011-3521.html
https://www.redhat.com/security/data/cve/CVE-2011-3544.html
https://www.redhat.com/security/data/cve/CVE-2011-3547.html
https://www.redhat.com/security/data/cve/CVE-2011-3548.html
https://www.redhat.com/security/data/cve/CVE-2011-3551.html
https://www.redhat.com/security/data/cve/CVE-2011-3552.html
https://www.redhat.com/security/data/cve/CVE-2011-3553.html
https://www.redhat.com/security/data/cve/CVE-2011-3554.html
https://www.redhat.com/security/data/cve/CVE-2011-3556.html
https://www.redhat.com/security/data/cve/CVE-2011-3557.html
https://www.redhat.com/security/data/cve/CVE-2011-3558.html
https://www.redhat.com/security/data/cve/CVE-2011-3560.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
http://icedtea.classpath.org/hg/release/icedtea6-1.9/file/328afd896e3e/NEWS
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOngvzXlSAg2UNWIIRArb8AKCaS923HYBco1E2eOOedT1aefjmyACgherU
1E1DMZpv3ExBmKhD4Emi2no=
=sMXo
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201109-0142 | CVE-2011-2430 | Adobe Flash Player Vulnerable to arbitrary code execution |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a "logic error vulnerability.". Adobe Flash Player is prone to a remote code-execution vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46113
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46113/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46113
RELEASE DATE:
2011-09-22
DISCUSS ADVISORY:
http://secunia.com/advisories/46113/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46113/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46113
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player,
which can be exploited by malicious people to conduct cross-site
scripting attacks, bypass certain security restrictions, and
compromise a user's system.
1) Certain unspecified input is not properly sanitised before being
returned to the user.
NOTE: This vulnerability is reportedly being actively exploited in
targeted attacks.
2) An error within the ActionScript Virtual Machine 2 (AVM2) when
handling a certain function parameters can be exploited to cause a
stack-based buffer overflow.
3) An error within the ActionScript Virtual Machine (AVM) can be
exploited to cause a stack-based buffer overflow.
4) A logic error can be exploited to corrupt memory.
5) An unspecified error can be exploited to bypass the security
control and e.g. disclose certain sensitive information.
6) A logic error when streaming certain media can be exploited to
corrupt memory.
SOLUTION:
Update to a fixed version.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
1) Reported as a 0-day. The vendor additionally credits Google.
2) Bing Liu, Fortinet's FortiGuard Labs.
The vendor credits:
3) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of
Sciences.
5) Neil Bergman, Cigital.
6) Zrong, zengrong.net.
ORIGINAL ADVISORY:
Adobe:
http://www.adobe.com/support/security/bulletins/apsb11-26.html
FortiGuard Labs:
http://www.fortiguard.com/advisory/FGA-2011-32.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface.
For more information:
SA44558
SA44574
SA44846
SA44964
SA45232
SA45583
SA45583
SA45621
SA45748
SA45978
SA46113
SA46512
SA46887
SA47001
SA47012
SA47611
The vulnerabilities are reported in versions 73.C0.41 and 73.B3.61. Please see the vendor's advisory for more details.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
==========
[ 1 ] APSA11-01
http://www.adobe.com/support/security/advisories/apsa11-01.html
[ 2 ] APSA11-02
http://www.adobe.com/support/security/advisories/apsa11-02.html
[ 3 ] APSB11-02
http://www.adobe.com/support/security/bulletins/apsb11-02.html
[ 4 ] APSB11-12
http://www.adobe.com/support/security/bulletins/apsb11-12.html
[ 5 ] APSB11-13
http://www.adobe.com/support/security/bulletins/apsb11-13.html
[ 6 ] APSB11-21
https://www.adobe.com/support/security/bulletins/apsb11-21.html
[ 7 ] APSB11-26
https://www.adobe.com/support/security/bulletins/apsb11-26.html
[ 8 ] CVE-2011-0558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558
[ 9 ] CVE-2011-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559
[ 10 ] CVE-2011-0560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560
[ 11 ] CVE-2011-0561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561
[ 12 ] CVE-2011-0571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571
[ 13 ] CVE-2011-0572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572
[ 14 ] CVE-2011-0573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573
[ 15 ] CVE-2011-0574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574
[ 16 ] CVE-2011-0575
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575
[ 17 ] CVE-2011-0577
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577
[ 18 ] CVE-2011-0578
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578
[ 19 ] CVE-2011-0579
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579
[ 20 ] CVE-2011-0589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589
[ 21 ] CVE-2011-0607
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607
[ 22 ] CVE-2011-0608
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608
[ 23 ] CVE-2011-0609
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609
[ 24 ] CVE-2011-0611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611
[ 25 ] CVE-2011-0618
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618
[ 26 ] CVE-2011-0619
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619
[ 27 ] CVE-2011-0620
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620
[ 28 ] CVE-2011-0621
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621
[ 29 ] CVE-2011-0622
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622
[ 30 ] CVE-2011-0623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623
[ 31 ] CVE-2011-0624
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624
[ 32 ] CVE-2011-0625
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625
[ 33 ] CVE-2011-0626
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626
[ 34 ] CVE-2011-0627
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627
[ 35 ] CVE-2011-0628
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628
[ 36 ] CVE-2011-2107
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107
[ 37 ] CVE-2011-2110
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110
[ 38 ] CVE-2011-2125
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135
[ 39 ] CVE-2011-2130
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130
[ 40 ] CVE-2011-2134
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134
[ 41 ] CVE-2011-2136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136
[ 42 ] CVE-2011-2137
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137
[ 43 ] CVE-2011-2138
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138
[ 44 ] CVE-2011-2139
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139
[ 45 ] CVE-2011-2140
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140
[ 46 ] CVE-2011-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414
[ 47 ] CVE-2011-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415
[ 48 ] CVE-2011-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416
[ 49 ] CVE-2011-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417
[ 50 ] CVE-2011-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424
[ 51 ] CVE-2011-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425
[ 52 ] CVE-2011-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426
[ 53 ] CVE-2011-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427
[ 54 ] CVE-2011-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428
[ 55 ] CVE-2011-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429
[ 56 ] CVE-2011-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430
[ 57 ] CVE-2011-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: acroread security update
Advisory ID: RHSA-2011:1434-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html
Issue date: 2011-11-08
CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135
CVE-2011-2136 CVE-2011-2137 CVE-2011-2138
CVE-2011-2139 CVE-2011-2140 CVE-2011-2414
CVE-2011-2415 CVE-2011-2416 CVE-2011-2417
CVE-2011-2424 CVE-2011-2425 CVE-2011-2426
CVE-2011-2427 CVE-2011-2428 CVE-2011-2429
CVE-2011-2430 CVE-2011-2431 CVE-2011-2432
CVE-2011-2433 CVE-2011-2434 CVE-2011-2435
CVE-2011-2436 CVE-2011-2437 CVE-2011-2438
CVE-2011-2439 CVE-2011-2440 CVE-2011-2442
CVE-2011-2444
=====================================================================
1. Summary:
Updated acroread packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are
detailed on the Adobe security page APSB11-24, listed in the References
section. A specially-crafted PDF file could cause Adobe Reader to crash or,
potentially, execute arbitrary code as the user running Adobe Reader when
opened. These flaws are detailed on the Adobe security
pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,
CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,
CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site
scripting (XSS) attacks if a victim were tricked into visiting a
specially-crafted web page. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.6, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26
740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26
740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26
749381 - acroread: multiple code execution flaws (APSB11-24)
6. Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-2130.html
https://www.redhat.com/security/data/cve/CVE-2011-2134.html
https://www.redhat.com/security/data/cve/CVE-2011-2135.html
https://www.redhat.com/security/data/cve/CVE-2011-2136.html
https://www.redhat.com/security/data/cve/CVE-2011-2137.html
https://www.redhat.com/security/data/cve/CVE-2011-2138.html
https://www.redhat.com/security/data/cve/CVE-2011-2139.html
https://www.redhat.com/security/data/cve/CVE-2011-2140.html
https://www.redhat.com/security/data/cve/CVE-2011-2414.html
https://www.redhat.com/security/data/cve/CVE-2011-2415.html
https://www.redhat.com/security/data/cve/CVE-2011-2416.html
https://www.redhat.com/security/data/cve/CVE-2011-2417.html
https://www.redhat.com/security/data/cve/CVE-2011-2424.html
https://www.redhat.com/security/data/cve/CVE-2011-2425.html
https://www.redhat.com/security/data/cve/CVE-2011-2426.html
https://www.redhat.com/security/data/cve/CVE-2011-2427.html
https://www.redhat.com/security/data/cve/CVE-2011-2428.html
https://www.redhat.com/security/data/cve/CVE-2011-2429.html
https://www.redhat.com/security/data/cve/CVE-2011-2430.html
https://www.redhat.com/security/data/cve/CVE-2011-2431.html
https://www.redhat.com/security/data/cve/CVE-2011-2432.html
https://www.redhat.com/security/data/cve/CVE-2011-2433.html
https://www.redhat.com/security/data/cve/CVE-2011-2434.html
https://www.redhat.com/security/data/cve/CVE-2011-2435.html
https://www.redhat.com/security/data/cve/CVE-2011-2436.html
https://www.redhat.com/security/data/cve/CVE-2011-2437.html
https://www.redhat.com/security/data/cve/CVE-2011-2438.html
https://www.redhat.com/security/data/cve/CVE-2011-2439.html
https://www.redhat.com/security/data/cve/CVE-2011-2440.html
https://www.redhat.com/security/data/cve/CVE-2011-2442.html
https://www.redhat.com/security/data/cve/CVE-2011-2444.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb11-21.html
http://www.adobe.com/support/security/bulletins/apsb11-24.html
http://www.adobe.com/support/security/bulletins/apsb11-26.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q
0+KSTL2IByBwtP8+xfPmUNE=
=qFq6
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201109-0141 | CVE-2011-2429 | Adobe Flash Player Vulnerable to access restrictions |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a "security control bypass.". Adobe Flash Player is prone to a remote information-disclosure vulnerability.
An attacker can exploit this issue to retrieve potentially sensitive information. Information obtained may aid in further attacks. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46113
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46113/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46113
RELEASE DATE:
2011-09-22
DISCUSS ADVISORY:
http://secunia.com/advisories/46113/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46113/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46113
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player,
which can be exploited by malicious people to conduct cross-site
scripting attacks, bypass certain security restrictions, and
compromise a user's system.
1) Certain unspecified input is not properly sanitised before being
returned to the user. This can be exploited to execute arbitrary HTML
and script code in a user's browser session in context of an affected
site.
NOTE: This vulnerability is reportedly being actively exploited in
targeted attacks.
2) An error within the ActionScript Virtual Machine 2 (AVM2) when
handling a certain function parameters can be exploited to cause a
stack-based buffer overflow.
3) An error within the ActionScript Virtual Machine (AVM) can be
exploited to cause a stack-based buffer overflow.
4) A logic error can be exploited to corrupt memory.
5) An unspecified error can be exploited to bypass the security
control and e.g.
6) A logic error when streaming certain media can be exploited to
corrupt memory.
SOLUTION:
Update to a fixed version.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
1) Reported as a 0-day. The vendor additionally credits Google.
2) Bing Liu, Fortinet's FortiGuard Labs.
The vendor credits:
3) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of
Sciences.
5) Neil Bergman, Cigital.
6) Zrong, zengrong.net.
ORIGINAL ADVISORY:
Adobe:
http://www.adobe.com/support/security/bulletins/apsb11-26.html
FortiGuard Labs:
http://www.fortiguard.com/advisory/FGA-2011-32.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Please see the vendor's advisory for more details.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
==========
[ 1 ] APSA11-01
http://www.adobe.com/support/security/advisories/apsa11-01.html
[ 2 ] APSA11-02
http://www.adobe.com/support/security/advisories/apsa11-02.html
[ 3 ] APSB11-02
http://www.adobe.com/support/security/bulletins/apsb11-02.html
[ 4 ] APSB11-12
http://www.adobe.com/support/security/bulletins/apsb11-12.html
[ 5 ] APSB11-13
http://www.adobe.com/support/security/bulletins/apsb11-13.html
[ 6 ] APSB11-21
https://www.adobe.com/support/security/bulletins/apsb11-21.html
[ 7 ] APSB11-26
https://www.adobe.com/support/security/bulletins/apsb11-26.html
[ 8 ] CVE-2011-0558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558
[ 9 ] CVE-2011-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559
[ 10 ] CVE-2011-0560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560
[ 11 ] CVE-2011-0561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561
[ 12 ] CVE-2011-0571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571
[ 13 ] CVE-2011-0572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572
[ 14 ] CVE-2011-0573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573
[ 15 ] CVE-2011-0574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574
[ 16 ] CVE-2011-0575
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575
[ 17 ] CVE-2011-0577
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577
[ 18 ] CVE-2011-0578
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578
[ 19 ] CVE-2011-0579
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579
[ 20 ] CVE-2011-0589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589
[ 21 ] CVE-2011-0607
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607
[ 22 ] CVE-2011-0608
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608
[ 23 ] CVE-2011-0609
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609
[ 24 ] CVE-2011-0611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611
[ 25 ] CVE-2011-0618
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618
[ 26 ] CVE-2011-0619
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619
[ 27 ] CVE-2011-0620
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620
[ 28 ] CVE-2011-0621
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621
[ 29 ] CVE-2011-0622
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622
[ 30 ] CVE-2011-0623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623
[ 31 ] CVE-2011-0624
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624
[ 32 ] CVE-2011-0625
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625
[ 33 ] CVE-2011-0626
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626
[ 34 ] CVE-2011-0627
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627
[ 35 ] CVE-2011-0628
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628
[ 36 ] CVE-2011-2107
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107
[ 37 ] CVE-2011-2110
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110
[ 38 ] CVE-2011-2125
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135
[ 39 ] CVE-2011-2130
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130
[ 40 ] CVE-2011-2134
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134
[ 41 ] CVE-2011-2136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136
[ 42 ] CVE-2011-2137
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137
[ 43 ] CVE-2011-2138
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138
[ 44 ] CVE-2011-2139
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139
[ 45 ] CVE-2011-2140
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140
[ 46 ] CVE-2011-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414
[ 47 ] CVE-2011-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415
[ 48 ] CVE-2011-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416
[ 49 ] CVE-2011-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417
[ 50 ] CVE-2011-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424
[ 51 ] CVE-2011-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425
[ 52 ] CVE-2011-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426
[ 53 ] CVE-2011-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427
[ 54 ] CVE-2011-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428
[ 55 ] CVE-2011-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429
[ 56 ] CVE-2011-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430
[ 57 ] CVE-2011-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: acroread security update
Advisory ID: RHSA-2011:1434-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html
Issue date: 2011-11-08
CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135
CVE-2011-2136 CVE-2011-2137 CVE-2011-2138
CVE-2011-2139 CVE-2011-2140 CVE-2011-2414
CVE-2011-2415 CVE-2011-2416 CVE-2011-2417
CVE-2011-2424 CVE-2011-2425 CVE-2011-2426
CVE-2011-2427 CVE-2011-2428 CVE-2011-2429
CVE-2011-2430 CVE-2011-2431 CVE-2011-2432
CVE-2011-2433 CVE-2011-2434 CVE-2011-2435
CVE-2011-2436 CVE-2011-2437 CVE-2011-2438
CVE-2011-2439 CVE-2011-2440 CVE-2011-2442
CVE-2011-2444
=====================================================================
1. Summary:
Updated acroread packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are
detailed on the Adobe security page APSB11-24, listed in the References
section. A specially-crafted PDF file could cause Adobe Reader to crash or,
potentially, execute arbitrary code as the user running Adobe Reader when
opened. These flaws are detailed on the Adobe security
pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,
CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,
CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site
scripting (XSS) attacks if a victim were tricked into visiting a
specially-crafted web page. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.6, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26
740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26
740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26
749381 - acroread: multiple code execution flaws (APSB11-24)
6. Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-2130.html
https://www.redhat.com/security/data/cve/CVE-2011-2134.html
https://www.redhat.com/security/data/cve/CVE-2011-2135.html
https://www.redhat.com/security/data/cve/CVE-2011-2136.html
https://www.redhat.com/security/data/cve/CVE-2011-2137.html
https://www.redhat.com/security/data/cve/CVE-2011-2138.html
https://www.redhat.com/security/data/cve/CVE-2011-2139.html
https://www.redhat.com/security/data/cve/CVE-2011-2140.html
https://www.redhat.com/security/data/cve/CVE-2011-2414.html
https://www.redhat.com/security/data/cve/CVE-2011-2415.html
https://www.redhat.com/security/data/cve/CVE-2011-2416.html
https://www.redhat.com/security/data/cve/CVE-2011-2417.html
https://www.redhat.com/security/data/cve/CVE-2011-2424.html
https://www.redhat.com/security/data/cve/CVE-2011-2425.html
https://www.redhat.com/security/data/cve/CVE-2011-2426.html
https://www.redhat.com/security/data/cve/CVE-2011-2427.html
https://www.redhat.com/security/data/cve/CVE-2011-2428.html
https://www.redhat.com/security/data/cve/CVE-2011-2429.html
https://www.redhat.com/security/data/cve/CVE-2011-2430.html
https://www.redhat.com/security/data/cve/CVE-2011-2431.html
https://www.redhat.com/security/data/cve/CVE-2011-2432.html
https://www.redhat.com/security/data/cve/CVE-2011-2433.html
https://www.redhat.com/security/data/cve/CVE-2011-2434.html
https://www.redhat.com/security/data/cve/CVE-2011-2435.html
https://www.redhat.com/security/data/cve/CVE-2011-2436.html
https://www.redhat.com/security/data/cve/CVE-2011-2437.html
https://www.redhat.com/security/data/cve/CVE-2011-2438.html
https://www.redhat.com/security/data/cve/CVE-2011-2439.html
https://www.redhat.com/security/data/cve/CVE-2011-2440.html
https://www.redhat.com/security/data/cve/CVE-2011-2442.html
https://www.redhat.com/security/data/cve/CVE-2011-2444.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb11-21.html
http://www.adobe.com/support/security/bulletins/apsb11-24.html
http://www.adobe.com/support/security/bulletins/apsb11-26.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q
0+KSTL2IByBwtP8+xfPmUNE=
=qFq6
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201109-0140 | CVE-2011-2428 | Adobe Flash Player Vulnerable to arbitrary code execution |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service (browser crash) via unspecified vectors, related to a "logic error issue.". Adobe Flash Player is prone to a remote code-execution vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46113
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46113/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46113
RELEASE DATE:
2011-09-22
DISCUSS ADVISORY:
http://secunia.com/advisories/46113/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46113/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46113
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player,
which can be exploited by malicious people to conduct cross-site
scripting attacks, bypass certain security restrictions, and
compromise a user's system.
1) Certain unspecified input is not properly sanitised before being
returned to the user.
NOTE: This vulnerability is reportedly being actively exploited in
targeted attacks.
2) An error within the ActionScript Virtual Machine 2 (AVM2) when
handling a certain function parameters can be exploited to cause a
stack-based buffer overflow.
3) An error within the ActionScript Virtual Machine (AVM) can be
exploited to cause a stack-based buffer overflow.
4) A logic error can be exploited to corrupt memory.
5) An unspecified error can be exploited to bypass the security
control and e.g. disclose certain sensitive information.
6) A logic error when streaming certain media can be exploited to
corrupt memory.
SOLUTION:
Update to a fixed version.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
1) Reported as a 0-day. The vendor additionally credits Google.
2) Bing Liu, Fortinet's FortiGuard Labs.
The vendor credits:
3) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of
Sciences.
5) Neil Bergman, Cigital.
6) Zrong, zengrong.net.
ORIGINAL ADVISORY:
Adobe:
http://www.adobe.com/support/security/bulletins/apsb11-26.html
FortiGuard Labs:
http://www.fortiguard.com/advisory/FGA-2011-32.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface.
For more information:
SA44558
SA44574
SA44846
SA44964
SA45232
SA45583
SA45583
SA45621
SA45748
SA45978
SA46113
SA46512
SA46887
SA47001
SA47012
SA47611
The vulnerabilities are reported in versions 73.C0.41 and 73.B3.61. Please see the vendor's advisory for more details.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
==========
[ 1 ] APSA11-01
http://www.adobe.com/support/security/advisories/apsa11-01.html
[ 2 ] APSA11-02
http://www.adobe.com/support/security/advisories/apsa11-02.html
[ 3 ] APSB11-02
http://www.adobe.com/support/security/bulletins/apsb11-02.html
[ 4 ] APSB11-12
http://www.adobe.com/support/security/bulletins/apsb11-12.html
[ 5 ] APSB11-13
http://www.adobe.com/support/security/bulletins/apsb11-13.html
[ 6 ] APSB11-21
https://www.adobe.com/support/security/bulletins/apsb11-21.html
[ 7 ] APSB11-26
https://www.adobe.com/support/security/bulletins/apsb11-26.html
[ 8 ] CVE-2011-0558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558
[ 9 ] CVE-2011-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559
[ 10 ] CVE-2011-0560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560
[ 11 ] CVE-2011-0561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561
[ 12 ] CVE-2011-0571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571
[ 13 ] CVE-2011-0572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572
[ 14 ] CVE-2011-0573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573
[ 15 ] CVE-2011-0574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574
[ 16 ] CVE-2011-0575
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575
[ 17 ] CVE-2011-0577
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577
[ 18 ] CVE-2011-0578
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578
[ 19 ] CVE-2011-0579
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579
[ 20 ] CVE-2011-0589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589
[ 21 ] CVE-2011-0607
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607
[ 22 ] CVE-2011-0608
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608
[ 23 ] CVE-2011-0609
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609
[ 24 ] CVE-2011-0611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611
[ 25 ] CVE-2011-0618
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618
[ 26 ] CVE-2011-0619
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619
[ 27 ] CVE-2011-0620
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620
[ 28 ] CVE-2011-0621
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621
[ 29 ] CVE-2011-0622
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622
[ 30 ] CVE-2011-0623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623
[ 31 ] CVE-2011-0624
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624
[ 32 ] CVE-2011-0625
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625
[ 33 ] CVE-2011-0626
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626
[ 34 ] CVE-2011-0627
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627
[ 35 ] CVE-2011-0628
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628
[ 36 ] CVE-2011-2107
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107
[ 37 ] CVE-2011-2110
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110
[ 38 ] CVE-2011-2125
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135
[ 39 ] CVE-2011-2130
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130
[ 40 ] CVE-2011-2134
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134
[ 41 ] CVE-2011-2136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136
[ 42 ] CVE-2011-2137
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137
[ 43 ] CVE-2011-2138
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138
[ 44 ] CVE-2011-2139
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139
[ 45 ] CVE-2011-2140
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140
[ 46 ] CVE-2011-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414
[ 47 ] CVE-2011-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415
[ 48 ] CVE-2011-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416
[ 49 ] CVE-2011-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417
[ 50 ] CVE-2011-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424
[ 51 ] CVE-2011-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425
[ 52 ] CVE-2011-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426
[ 53 ] CVE-2011-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427
[ 54 ] CVE-2011-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428
[ 55 ] CVE-2011-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429
[ 56 ] CVE-2011-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430
[ 57 ] CVE-2011-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: acroread security update
Advisory ID: RHSA-2011:1434-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html
Issue date: 2011-11-08
CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135
CVE-2011-2136 CVE-2011-2137 CVE-2011-2138
CVE-2011-2139 CVE-2011-2140 CVE-2011-2414
CVE-2011-2415 CVE-2011-2416 CVE-2011-2417
CVE-2011-2424 CVE-2011-2425 CVE-2011-2426
CVE-2011-2427 CVE-2011-2428 CVE-2011-2429
CVE-2011-2430 CVE-2011-2431 CVE-2011-2432
CVE-2011-2433 CVE-2011-2434 CVE-2011-2435
CVE-2011-2436 CVE-2011-2437 CVE-2011-2438
CVE-2011-2439 CVE-2011-2440 CVE-2011-2442
CVE-2011-2444
=====================================================================
1. Summary:
Updated acroread packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are
detailed on the Adobe security page APSB11-24, listed in the References
section. These flaws are detailed on the Adobe security
pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,
CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,
CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site
scripting (XSS) attacks if a victim were tricked into visiting a
specially-crafted web page. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.6, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26
740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26
740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26
749381 - acroread: multiple code execution flaws (APSB11-24)
6. Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-2130.html
https://www.redhat.com/security/data/cve/CVE-2011-2134.html
https://www.redhat.com/security/data/cve/CVE-2011-2135.html
https://www.redhat.com/security/data/cve/CVE-2011-2136.html
https://www.redhat.com/security/data/cve/CVE-2011-2137.html
https://www.redhat.com/security/data/cve/CVE-2011-2138.html
https://www.redhat.com/security/data/cve/CVE-2011-2139.html
https://www.redhat.com/security/data/cve/CVE-2011-2140.html
https://www.redhat.com/security/data/cve/CVE-2011-2414.html
https://www.redhat.com/security/data/cve/CVE-2011-2415.html
https://www.redhat.com/security/data/cve/CVE-2011-2416.html
https://www.redhat.com/security/data/cve/CVE-2011-2417.html
https://www.redhat.com/security/data/cve/CVE-2011-2424.html
https://www.redhat.com/security/data/cve/CVE-2011-2425.html
https://www.redhat.com/security/data/cve/CVE-2011-2426.html
https://www.redhat.com/security/data/cve/CVE-2011-2427.html
https://www.redhat.com/security/data/cve/CVE-2011-2428.html
https://www.redhat.com/security/data/cve/CVE-2011-2429.html
https://www.redhat.com/security/data/cve/CVE-2011-2430.html
https://www.redhat.com/security/data/cve/CVE-2011-2431.html
https://www.redhat.com/security/data/cve/CVE-2011-2432.html
https://www.redhat.com/security/data/cve/CVE-2011-2433.html
https://www.redhat.com/security/data/cve/CVE-2011-2434.html
https://www.redhat.com/security/data/cve/CVE-2011-2435.html
https://www.redhat.com/security/data/cve/CVE-2011-2436.html
https://www.redhat.com/security/data/cve/CVE-2011-2437.html
https://www.redhat.com/security/data/cve/CVE-2011-2438.html
https://www.redhat.com/security/data/cve/CVE-2011-2439.html
https://www.redhat.com/security/data/cve/CVE-2011-2440.html
https://www.redhat.com/security/data/cve/CVE-2011-2442.html
https://www.redhat.com/security/data/cve/CVE-2011-2444.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb11-21.html
http://www.adobe.com/support/security/bulletins/apsb11-24.html
http://www.adobe.com/support/security/bulletins/apsb11-26.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q
0+KSTL2IByBwtP8+xfPmUNE=
=qFq6
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201109-0138 | CVE-2011-2426 | Adobe Flash Player Vulnerable to stack-based buffer overflow |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via unspecified vectors. Adobe Flash Player is prone to a remote stack-based buffer-overflow vulnerability.
An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46113
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46113/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46113
RELEASE DATE:
2011-09-22
DISCUSS ADVISORY:
http://secunia.com/advisories/46113/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46113/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46113
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player,
which can be exploited by malicious people to conduct cross-site
scripting attacks, bypass certain security restrictions, and
compromise a user's system.
1) Certain unspecified input is not properly sanitised before being
returned to the user.
NOTE: This vulnerability is reportedly being actively exploited in
targeted attacks.
4) A logic error can be exploited to corrupt memory.
5) An unspecified error can be exploited to bypass the security
control and e.g. disclose certain sensitive information.
6) A logic error when streaming certain media can be exploited to
corrupt memory.
SOLUTION:
Update to a fixed version.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
1) Reported as a 0-day. The vendor additionally credits Google.
2) Bing Liu, Fortinet's FortiGuard Labs.
The vendor credits:
3) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of
Sciences.
5) Neil Bergman, Cigital.
6) Zrong, zengrong.net.
ORIGINAL ADVISORY:
Adobe:
http://www.adobe.com/support/security/bulletins/apsb11-26.html
FortiGuard Labs:
http://www.fortiguard.com/advisory/FGA-2011-32.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface.
For more information:
SA44558
SA44574
SA44846
SA44964
SA45232
SA45583
SA45583
SA45621
SA45748
SA45978
SA46113
SA46512
SA46887
SA47001
SA47012
SA47611
The vulnerabilities are reported in versions 73.C0.41 and 73.B3.61. Please see the vendor's advisory for more details.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
==========
[ 1 ] APSA11-01
http://www.adobe.com/support/security/advisories/apsa11-01.html
[ 2 ] APSA11-02
http://www.adobe.com/support/security/advisories/apsa11-02.html
[ 3 ] APSB11-02
http://www.adobe.com/support/security/bulletins/apsb11-02.html
[ 4 ] APSB11-12
http://www.adobe.com/support/security/bulletins/apsb11-12.html
[ 5 ] APSB11-13
http://www.adobe.com/support/security/bulletins/apsb11-13.html
[ 6 ] APSB11-21
https://www.adobe.com/support/security/bulletins/apsb11-21.html
[ 7 ] APSB11-26
https://www.adobe.com/support/security/bulletins/apsb11-26.html
[ 8 ] CVE-2011-0558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558
[ 9 ] CVE-2011-0559
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559
[ 10 ] CVE-2011-0560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560
[ 11 ] CVE-2011-0561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561
[ 12 ] CVE-2011-0571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571
[ 13 ] CVE-2011-0572
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572
[ 14 ] CVE-2011-0573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573
[ 15 ] CVE-2011-0574
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574
[ 16 ] CVE-2011-0575
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575
[ 17 ] CVE-2011-0577
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577
[ 18 ] CVE-2011-0578
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578
[ 19 ] CVE-2011-0579
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579
[ 20 ] CVE-2011-0589
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589
[ 21 ] CVE-2011-0607
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607
[ 22 ] CVE-2011-0608
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608
[ 23 ] CVE-2011-0609
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609
[ 24 ] CVE-2011-0611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611
[ 25 ] CVE-2011-0618
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618
[ 26 ] CVE-2011-0619
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619
[ 27 ] CVE-2011-0620
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620
[ 28 ] CVE-2011-0621
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621
[ 29 ] CVE-2011-0622
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622
[ 30 ] CVE-2011-0623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623
[ 31 ] CVE-2011-0624
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624
[ 32 ] CVE-2011-0625
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625
[ 33 ] CVE-2011-0626
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626
[ 34 ] CVE-2011-0627
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627
[ 35 ] CVE-2011-0628
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628
[ 36 ] CVE-2011-2107
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107
[ 37 ] CVE-2011-2110
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110
[ 38 ] CVE-2011-2125
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135
[ 39 ] CVE-2011-2130
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130
[ 40 ] CVE-2011-2134
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134
[ 41 ] CVE-2011-2136
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136
[ 42 ] CVE-2011-2137
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137
[ 43 ] CVE-2011-2138
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138
[ 44 ] CVE-2011-2139
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139
[ 45 ] CVE-2011-2140
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140
[ 46 ] CVE-2011-2414
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414
[ 47 ] CVE-2011-2415
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415
[ 48 ] CVE-2011-2416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416
[ 49 ] CVE-2011-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417
[ 50 ] CVE-2011-2424
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424
[ 51 ] CVE-2011-2425
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425
[ 52 ] CVE-2011-2426
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426
[ 53 ] CVE-2011-2427
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427
[ 54 ] CVE-2011-2428
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428
[ 55 ] CVE-2011-2429
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429
[ 56 ] CVE-2011-2430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430
[ 57 ] CVE-2011-2444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: acroread security update
Advisory ID: RHSA-2011:1434-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html
Issue date: 2011-11-08
CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135
CVE-2011-2136 CVE-2011-2137 CVE-2011-2138
CVE-2011-2139 CVE-2011-2140 CVE-2011-2414
CVE-2011-2415 CVE-2011-2416 CVE-2011-2417
CVE-2011-2424 CVE-2011-2425 CVE-2011-2426
CVE-2011-2427 CVE-2011-2428 CVE-2011-2429
CVE-2011-2430 CVE-2011-2431 CVE-2011-2432
CVE-2011-2433 CVE-2011-2434 CVE-2011-2435
CVE-2011-2436 CVE-2011-2437 CVE-2011-2438
CVE-2011-2439 CVE-2011-2440 CVE-2011-2442
CVE-2011-2444
=====================================================================
1. Summary:
Updated acroread packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are
detailed on the Adobe security page APSB11-24, listed in the References
section. A specially-crafted PDF file could cause Adobe Reader to crash or,
potentially, execute arbitrary code as the user running Adobe Reader when
opened. These flaws are detailed on the Adobe security
pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,
CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,
CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site
scripting (XSS) attacks if a victim were tricked into visiting a
specially-crafted web page. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.6, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26
740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26
740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26
749381 - acroread: multiple code execution flaws (APSB11-24)
6. Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386:
acroread-9.4.6-1.el4.i386.rpm
acroread-plugin-9.4.6-1.el4.i386.rpm
x86_64:
acroread-9.4.6-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
x86_64:
acroread-9.4.6-1.el5.i386.rpm
acroread-plugin-9.4.6-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
x86_64:
acroread-9.4.6-1.el6.i686.rpm
acroread-plugin-9.4.6-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-2130.html
https://www.redhat.com/security/data/cve/CVE-2011-2134.html
https://www.redhat.com/security/data/cve/CVE-2011-2135.html
https://www.redhat.com/security/data/cve/CVE-2011-2136.html
https://www.redhat.com/security/data/cve/CVE-2011-2137.html
https://www.redhat.com/security/data/cve/CVE-2011-2138.html
https://www.redhat.com/security/data/cve/CVE-2011-2139.html
https://www.redhat.com/security/data/cve/CVE-2011-2140.html
https://www.redhat.com/security/data/cve/CVE-2011-2414.html
https://www.redhat.com/security/data/cve/CVE-2011-2415.html
https://www.redhat.com/security/data/cve/CVE-2011-2416.html
https://www.redhat.com/security/data/cve/CVE-2011-2417.html
https://www.redhat.com/security/data/cve/CVE-2011-2424.html
https://www.redhat.com/security/data/cve/CVE-2011-2425.html
https://www.redhat.com/security/data/cve/CVE-2011-2426.html
https://www.redhat.com/security/data/cve/CVE-2011-2427.html
https://www.redhat.com/security/data/cve/CVE-2011-2428.html
https://www.redhat.com/security/data/cve/CVE-2011-2429.html
https://www.redhat.com/security/data/cve/CVE-2011-2430.html
https://www.redhat.com/security/data/cve/CVE-2011-2431.html
https://www.redhat.com/security/data/cve/CVE-2011-2432.html
https://www.redhat.com/security/data/cve/CVE-2011-2433.html
https://www.redhat.com/security/data/cve/CVE-2011-2434.html
https://www.redhat.com/security/data/cve/CVE-2011-2435.html
https://www.redhat.com/security/data/cve/CVE-2011-2436.html
https://www.redhat.com/security/data/cve/CVE-2011-2437.html
https://www.redhat.com/security/data/cve/CVE-2011-2438.html
https://www.redhat.com/security/data/cve/CVE-2011-2439.html
https://www.redhat.com/security/data/cve/CVE-2011-2440.html
https://www.redhat.com/security/data/cve/CVE-2011-2442.html
https://www.redhat.com/security/data/cve/CVE-2011-2444.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb11-21.html
http://www.adobe.com/support/security/bulletins/apsb11-24.html
http://www.adobe.com/support/security/bulletins/apsb11-26.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q
0+KSTL2IByBwtP8+xfPmUNE=
=qFq6
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201110-0168 | CVE-2011-2072 |
plural Cisco Service disruption in products ( Memory consumption and device reload or process failure ) Vulnerabilities
Related entries in the VARIoT exploits database: VAR-E-201109-0756 |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6(1) allows remote attackers to cause a denial of service (memory consumption and device reload or process failure) via a malformed SIP message, aka Bug IDs CSCtl86047 and CSCto88686. Cisco IOS and Unified Communications Manager are prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause an interruption in voice services or cause the affected device to reload, denying service to legitimate users.
This issue is tracked by Cisco Bug IDs CSCtl86047 and CSCto8868. Cisco's Internet Operating System (IOS) is a complex operating system optimized for Internet interconnection. The data flow interaction function DLSw can realize the transmission of IBM SNA and network BIOS traffic on the IP network. ----------------------------------------------------------------------
The new Secunia Corporate Software Inspector (CSI) 5.0
Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X.
Get a free trial now and qualify for a special discount:
http://secunia.com/vulnerability_scanning/corporate/trial/
----------------------------------------------------------------------
TITLE:
Cisco IOS SIP Packet Processing Multiple Denial of Service
Vulnerabilities
SECUNIA ADVISORY ID:
SA46197
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46197/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46197
RELEASE DATE:
2011-09-29
DISCUSS ADVISORY:
http://secunia.com/advisories/46197/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46197/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46197
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Cisco IOS, which can
be exploited by malicious people to cause a DoS (Denial of Service).
1) An unspecified error when processing certain Session Initiation
Protocol (SIP) packets can be exploited to reload a device.
2) A memory leak error when processing certain Session Initiation
Protocol (SIP) packets can be exploited to reload a device.
For more information:
SA46226
Please see the vendor's advisory for a list of affected versions.
SOLUTION:
Update to a fixed version (please see the vendor's advisory for
details).
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://www.cisco.com/warp/public/707/cisco-sa-20110928-sip.shtml
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool. A
workaround exists for this SIP vulnerability.
Details
=======
Cisco Unified Communications Manager is the call processing component
of the Cisco IP Telephony solution that extends enterprise telephony
features and functions to packet telephony network devices, such as
IP phones, media processing devices, VoIP gateways, and multimedia
applications. Continued exploitation of the vulnerability
may cause a critical process to fail, which could result in the
disruption of voice services. Use the following instructions to
disable SIP processing:
* Step 1: Log in to the Cisco Unified CM Administration web
interface.
* Step 3: Change the SIP Interoperability Enabled parameter to
False and click "Save".
Note: For a SIP processing change to take effect, the Cisco
CallManager Service must be restarted. For information on how to
restart the service, refer to the "Restarting the Cisco
CallManager Service" section of the document at
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/admin/7_1_2/ccmcfg/b03dpi.html#wp1075124
It is possible to mitigate this vulnerability by implementing
filtering on screening devices and permitting access to TCP ports
5060 and 5061 and UDP ports 5060 and 5061 only from networks that
require SIP access to Cisco Unified Communications Manager
servers. Affected devices would need to be configured
to process SIP messages for these vulnerabilities to be exploitable.
Cisco has released free software updates that address these
vulnerabilities. There are no workarounds for devices that must run
SIP; however, mitigations are available to limit exposure to the
vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20110928-sip.shtml.
Note: The September 28, 2011, Cisco IOS Software Security Advisory
bundled publication includes ten Cisco Security Advisories. Each advisory lists the Cisco IOS Software releases that
correct the vulnerability or vulnerabilities detailed in the advisory as
well as the Cisco IOS Software releases that correct all vulnerabilities
in the September 2011 Bundled Publication.
Individual publication links are in "Cisco Event Response: Semiannual
Cisco IOS Software Security Advisory Bundled Publication" at the
following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep11.html
Cisco Unified Communications Manager (CUCM) is affected by one of the
vulnerabilities described in this advisory.
Recent versions of Cisco IOS Software do not process SIP messages by
default. Creating a dial peer by issuing the "dial-peer voice"
configuration command will start the SIP processes, causing the Cisco
IOS device to process SIP messages. In addition, several features in
Cisco Unified Communications Manager Express, such as ephones, will
automatically start the SIP process when they are configured, which
could cause the affected device to start processing SIP messages. An
example of an affected configuration follows:
dial-peer voice <Voice dial-peer tag> voip
...
!
In addition to inspecting the Cisco IOS device configuration for a
"dial-peer" command that causes the device to process SIP messages,
administrators can also use the "show processes | include SIP" command
to determine whether Cisco IOS Software is running the processes that
handle SIP messages. In the following example, the presence of the
processes CCSIP_UDP_SOCKET or CCSIP_TCP_SOCKET indicates that the Cisco
IOS device will process SIP messages:
Router# show processes | include SIP
149 Mwe 40F48254 4 1 400023108/24000 0 CCSIP_UDP_SOCKET
150 Mwe 40F48034 4 1 400023388/24000 0 CCSIP_TCP_SOCKET
Note: Because there are several ways a device running Cisco IOS Software
can start processing SIP messages, the "show processes | include SIP"
command should be used to determine whether the device is processing SIP
messages instead of relying on the presence of specific configuration
commands.
Cisco Unified Border Element images are also affected by two of these
vulnerabilities.
Note: The Cisco Unified Border Element feature (previously known as
the Cisco Multiservice IP-to-IP Gateway) is a special Cisco IOS
Software image that runs on Cisco multiservice gateway platforms.
This feature provides a network-to-network interface point for
billing, security, call admission control, quality of service, and
signaling interworking.
To determine the Cisco IOS Software release that is running on a
Cisco product, administrators can log in to the device and issue the
"show version" command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the "show version" command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 15.0(1)M1 with an installed image name of
C3900-UNIVERSALK9-M:
Router> show version
Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 02-Dec-09 17:17 by prod_rel_team
!--- output truncated
Additional information about Cisco IOS Software release
naming conventions is available in the white paper Cisco
IOS and NX-OS Software Reference Guide available at
http://www.cisco.com/web/about/security/intelligence/ios-ref.html.
Cisco IOS XE Software is affected by these vulnerabilities.
Cisco IOS XR Software is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
=======
SIP is a popular signaling protocol that is used to manage voice and
video calls across IP networks such as the Internet. SIP is
responsible for handling all aspects of call setup and termination.
Voice and video are the most popular types of sessions that SIP
handles, but the protocol has the flexibility to accommodate other
applications that require call setup and termination. SIP call
signaling can use UDP (port 5060), TCP (port 5060), or Transport
Layer Security (TLS; TCP port 5061) as the underlying transport
protocol. These vulnerabilities are triggered when the device
that is running Cisco IOS Software processes crafted SIP messages.
Only traffic destined to the device can trigger the vulnerabilities;
transit SIP traffic is not an exploit vector.
Note: In cases where SIP is running over TCP transport, a TCP
three-way handshake is necessary to exploit these vulnerabilities. This vulnerability
has been assigned Common Vulnerabilities and Exposures (CVE) ID
CVE-2011-0939.
CSCti48504 may cause memory leaks. This vulnerability has been assigned
CVE ID CVE-2011-3275.
CSCto88686 may cause memory leaks or reloads of affected devices. This
vulnerability has been assigned CVE ID CVE-2011-2072.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at
http://intellishield.cisco.com/security/alertmanager/cvss
Note that all vulnerabilities in this advisory (CSCth03022, CSCti48504,
and CSCto88686) have been scored in an identical manner, assuming a
complete denial of service (DoS) condition.
* CSCth03022, CSCti48504, CSCto88686
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Successful exploitation of the vulnerabilities in this advisory may
result in system instabilities or a reload of an affected device.
Repeated exploitation could result in a sustained DoS condition.
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to determine
exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
Additionally, the Cisco IOS Software Checker is available on
the Cisco Security Intelligence Operations (SIO) portal at
http://tools.cisco.com/security/center/selectIOSVersion.x. It provides
several features for checking which Security Advisories affect specified
versions of Cisco IOS Software.
Cisco IOS Software
+-----------------
Each row of the following Cisco IOS Software table corresponds to a
Cisco IOS Software train. If a particular train is vulnerable, the
earliest releases that contain the fix are listed in the First Fixed
Release For This Advisory column. The First Fixed Release for All
Advisories in the September 2011 Bundled Publication column lists the
earliest possible releases that correct all the published
vulnerabilities in the Cisco IOS Software Security Advisory bundled
publication. Cisco recommends upgrading to the latest available
release, where possible.
+------------------------------------------------------------+
| Major | Availability of Repaired Releases |
| Release | |
|------------+-----------------------------------------------|
| Affected | | First Fixed Release |
| 12.0-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------------------------------------------------------|
| There are no affected 12.0 based releases |
|------------------------------------------------------------|
| Affected | | First Fixed Release |
| 12.1-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.1E | Not vulnerable | fixed in Release |
| | | 12.2SXF |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 12.2-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| 12.2 | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2B | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2BC | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2BW | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2BX | Not vulnerable | fixed in Release |
| | | 12.2SB |
|------------+-----------------------+-----------------------|
| 12.2BY | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2BZ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2CX | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2CY | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2CZ | Not vulnerable | fixed in Release |
| | | 12.2SB |
|------------+-----------------------+-----------------------|
| 12.2DA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2DD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2DX | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2EU | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Releases up to and |
| 12.2EW | Not vulnerable | including 12.2(20)EW4 |
| | | are not vulnerable. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2EWA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2EX | Not vulnerable | 12.2(55)EX3 |
|------------+-----------------------+-----------------------|
| 12.2EY | Not vulnerable | 12.2(58)EY |
|------------+-----------------------+-----------------------|
| | | Vulnerable; migrate |
| 12.2EZ | Not vulnerable | to any release in |
| | | 15.0SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2FX | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2FY | Not vulnerable | fixed in Release |
| | | 12.2EX |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2FZ | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; migrate |
| 12.2IRA | Not vulnerable | to any release in |
| | | 12.2IRG |
|------------+-----------------------+-----------------------|
| | | Vulnerable; migrate |
| 12.2IRB | Not vulnerable | to any release in |
| | | 12.2IRG |
|------------+-----------------------+-----------------------|
| | | Vulnerable; migrate |
| 12.2IRC | Not vulnerable | to any release in |
| | | 12.2IRG |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IRD | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IRE | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; migrate |
| 12.2IRF | Not vulnerable | to any release in |
| | | 12.2IRG |
|------------+-----------------------+-----------------------|
| 12.2IRG | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IXA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IXB | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IXC | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IXD | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IXE | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IXF | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IXG | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IXH | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2JA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2JK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2MB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2MC | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2MRA | Not vulnerable | fixed in Release |
| | | 12.2SRD |
|------------+-----------------------+-----------------------|
| 12.2MRB | Not vulnerable | 12.2(33)MRB5 |
|------------+-----------------------+-----------------------|
| | | Releases prior to |
| | | 12.2(30)S are |
| | | vulnerable; Releases |
| 12.2S | Not vulnerable | 12.2(30)S and later |
| | | are not vulnerable. |
| | | First fixed in |
| | | Release 12.2SB |
|------------+-----------------------+-----------------------|
| 12.2SB | Not vulnerable | 12.2(31)SB2012.2(33) |
| | | SB10 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SBC | Not vulnerable | fixed in Release |
| | | 12.2SB |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SCA | Not vulnerable | fixed in Release |
| | | 12.2SCC |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SCB | Not vulnerable | fixed in Release |
| | | 12.2SCC |
|------------+-----------------------+-----------------------|
| 12.2SCC | Not vulnerable | 12.2(33)SCC7 |
|------------+-----------------------+-----------------------|
| 12.2SCD | Not vulnerable | 12.2(33)SCD6 |
|------------+-----------------------+-----------------------|
| 12.2SCE | Not vulnerable | 12.2(33)SCE112.2(33) |
| | | SCE2 |
|------------+-----------------------+-----------------------|
| 12.2SCF | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SE | Not vulnerable | 12.2(55)SE312.2(58)SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SEA | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SEB | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SEC | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SED | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SEE | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SEF | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Releases prior to |
| | | 12.2(25)SEG4 are |
| | | vulnerable; Releases |
| 12.2SEG | Not vulnerable | 12.2(25)SEG4 and |
| | | later are not |
| | | vulnerable. First |
| | | fixed in Release |
| | | 12.2EX |
|------------+-----------------------+-----------------------|
| | | Releases prior to |
| | | 12.2(53)SG4 are |
| 12.2SG | Not vulnerable | vulnerable; Releases |
| | | 12.2(53)SG4 and later |
| | | are not vulnerable. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2SGA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2SL | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2SM | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2SO | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SQ | Not vulnerable | 12.2(50)SQ3 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SRA | Not vulnerable | fixed in Release |
| | | 12.2SRD |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SRB | Not vulnerable | fixed in Release |
| | | 12.2SRD |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SRC | Not vulnerable | fixed in Release |
| | | 12.2SRD |
|------------+-----------------------+-----------------------|
| 12.2SRD | Not vulnerable | 12.2(33)SRD6 |
|------------+-----------------------+-----------------------|
| 12.2SRE | Not vulnerable | 12.2(33)SRE4 |
|------------+-----------------------+-----------------------|
| 12.2STE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SU | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | | Releases prior to |
| | | 12.2(29a)SV are |
| | | vulnerable; Releases |
| 12.2SV | Not vulnerable | 12.2(29a)SV and later |
| | | are not vulnerable. |
| | | Migrate to any |
| | | release in 12.2SVD |
|------------+-----------------------+-----------------------|
| 12.2SVA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SVC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SVD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SVE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2SW | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SX | Not vulnerable | fixed in Release |
| | | 12.2SXF |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SXA | Not vulnerable | fixed in Release |
| | | 12.2SXF |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SXB | Not vulnerable | fixed in Release |
| | | 12.2SXF |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SXD | Not vulnerable | fixed in Release |
| | | 12.2SXF |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SXE | Not vulnerable | fixed in Release |
| | | 12.2SXF |
|------------+-----------------------+-----------------------|
| 12.2SXF | Not vulnerable | 12.2(18)SXF17b |
|------------+-----------------------+-----------------------|
| 12.2SXH | Not vulnerable | 12.2(33)SXH8a |
|------------+-----------------------+-----------------------|
| 12.2SXI | Not vulnerable | 12.2(33)SXI6 |
|------------+-----------------------+-----------------------|
| 12.2SXJ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SY | Not vulnerable | 12.2(50)SY |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2SZ | Not vulnerable | fixed in Release |
| | | 12.2SB |
|------------+-----------------------+-----------------------|
| 12.2T | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2TPC | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2XA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XB | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2XC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XF | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XG | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XH | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XI | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XJ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XL | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XM | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XN | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XNA | See Cisco IOS-XE | See Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+-----------------------+-----------------------|
| 12.2XNB | See Cisco IOS-XE | See Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+-----------------------+-----------------------|
| 12.2XNC | See Cisco IOS-XE | See Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+-----------------------+-----------------------|
| 12.2XND | See Cisco IOS-XE | See Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+-----------------------+-----------------------|
| 12.2XNE | See Cisco IOS-XE | See Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+-----------------------+-----------------------|
| 12.2XNF | See Cisco IOS-XE | See Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+-----------------------+-----------------------|
| | | Releases prior to |
| | | 12.2(54)XO are |
| 12.2XO | Not vulnerable | vulnerable; Releases |
| | | 12.2(54)XO and later |
| | | are not vulnerable. |
|------------+-----------------------+-----------------------|
| 12.2XQ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XR | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XS | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XT | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XU | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XV | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XW | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YA | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2YB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YF | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YG | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YH | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YJ | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2YK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YL | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2YM | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YN | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2YO | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YP | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YQ | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YR | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YS | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YT | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YU | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YV | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YW | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YX | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YY | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YZ | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2ZA | Not vulnerable | fixed in Release |
| | | 12.2SXF |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2ZB | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2ZC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2ZD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2ZE | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2ZF | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2ZG | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2ZH | Not vulnerable | Vulnerable; First |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2ZJ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2ZL | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2ZP | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.2ZU | Not vulnerable | fixed in Release |
| | | 12.2SXH |
|------------+-----------------------+-----------------------|
| 12.2ZX | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2ZY | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2ZYA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 12.3-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------------------------------------------------------|
| There are no affected 12.3 based releases |
|------------------------------------------------------------|
| Affected | | First Fixed Release |
| 12.4-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| 12.4 | Not vulnerable | 12.4(25f) |
|------------+-----------------------+-----------------------|
| 12.4GC | 12.4(24)GC4 | 12.4(24)GC4 |
|------------+-----------------------+-----------------------|
| 12.4JA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JAX | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JDA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JDC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JHA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JHB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JHC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JL | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JMA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JMB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; migrate |
| | | to any release in |
| | | 12.4JA |
| 12.4JX | Not vulnerable | |
| | | Releases up to and |
| | | including 12.4(21a)JX |
| | | are not vulnerable. |
|------------+-----------------------+-----------------------|
| 12.4JY | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4MD | Not vulnerable | 12.4(24)MD6 on |
| | | 28-Oct-2011 |
|------------+-----------------------+-----------------------|
| 12.4MDA | Not vulnerable | 12.4(24)MDA7 |
|------------+-----------------------+-----------------------|
| 12.4MDB | Not vulnerable | 12.4(24)MDB3 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | Releases up to and | organization per the |
| 12.4MR | including 12.4(6)MR1 | instructions in the |
| | are not vulnerable. | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.4MRA | instructions in | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; First | Vulnerable; First |
| 12.4MRB | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| 12.4SW | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | 12.4(24)T6 | 12.4(24)T6 |
| 12.4T | | |
| | 12.4(15)T16 | 12.4(15)T16 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.4XA | Not vulnerable | fixed in Release |
| | | 12.4T |
|------------+-----------------------+-----------------------|
| 12.4XB | Not vulnerable | 12.4(2)XB12 |
|------------+-----------------------+-----------------------|
| | Vulnerable; First | |
| 12.4XC | Fixed in Release | Not vulnerable |
| | 12.4T | |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.4XD | Not vulnerable | fixed in Release |
| | | 12.4T |
|------------+-----------------------+-----------------------|
| | Not vulnerable | |
| | | |
| 12.4XE | Vulnerable; First | Not vulnerable |
| | Fixed in Release | |
| | 12.4T | |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.4XF | Not vulnerable | fixed in Release |
| | | 12.4T |
|------------+-----------------------+-----------------------|
| | Releases up to and | |
| | including 12.4(9)XG1 | |
| | are not vulnerable. | |
| | | Vulnerable; First |
| 12.4XG | Releases 12.4(9)XG3 | fixed in Release |
| | and later are not | 12.4T |
| | vulnerable. First | |
| | fixed in Release | |
| | 12.4T | |
|------------+-----------------------+-----------------------|
| | Not vulnerable | |
| | | |
| 12.4XJ | Vulnerable; First | Not vulnerable |
| | Fixed in Release | |
| | 12.4T | |
|------------+-----------------------+-----------------------|
| 12.4XK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.4XL | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Releases up to and | |
| | including 12.4(15)XM | |
| | are not vulnerable. | |
| | | Vulnerable; First |
| 12.4XM | Releases 12.4(15)XM3 | fixed in Release |
| | and later are not | 12.4T |
| | vulnerable. First | |
| | fixed in Release | |
| | 12.4T | |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.4XN | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.4XP | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.4XQ | Not vulnerable | fixed in Release |
| | | 12.4T |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.4XR | Not vulnerable | fixed in Release |
| | | 12.4T |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 12.4XT | Not vulnerable | fixed in Release |
| | | 12.4T |
|------------+-----------------------+-----------------------|
| 12.4XV | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; First | Vulnerable; First |
| 12.4XW | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; First | Vulnerable; First |
| 12.4XY | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; First | Vulnerable; First |
| 12.4XZ | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; First | Vulnerable; First |
| 12.4YA | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.4YB | instructions in | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.4YD | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; fixed in |
| | | 12.4(22)YE6 on |
| 12.4YE | Not vulnerable | 30-Sept-2011; 12.4 |
| | | (24)YE7 available on |
| | | 17-Oct-2011 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.4YG | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 15.0-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| 15.0M | 15.0(1)M7 | 15.0(1)M7 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 15.0MR | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 15.0MRA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Not vulnerable | 15.0(1)S4 |
| | | |
| 15.0S | Cisco IOS XE devices: | Cisco IOS XE devices: |
| | See Cisco IOS-XE | See Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 15.0SA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 15.0SE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Cisco IOS XE devices: | Cisco IOS XE devices: |
| 15.0SG | See Cisco IOS-XE | See Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+-----------------------+-----------------------|
| | Vulnerable; First | Vulnerable; First |
| 15.0XA | fixed in Release | fixed in Release |
| | 15.1T | 15.1T |
|------------+-----------------------+-----------------------|
| | Cisco IOS XE devices: | Cisco IOS XE devices: |
| 15.0XO | See Cisco IOS-XE | See Cisco IOS-XE |
| | Software Availability | Software Availability |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 15.1-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 15.1EY | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; First | Vulnerable; First |
| 15.1GC | fixed in Release | fixed in Release |
| | 15.1T | 15.1T |
|------------+-----------------------+-----------------------|
| 15.1M | 15.1(4)M1 | 15.1(4)M2; Available |
| | | on 30-SEP-11 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 15.1MR | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | 15.1(2)S2 |
| | Not vulnerable | |
| | | 15.1(3)S |
| 15.1S | Cisco IOS XE devices: | |
| | See Cisco IOS-XE | Cisco IOS XE devices: |
| | Software Availability | See Cisco IOS-XE |
| | | Software Availability |
|------------+-----------------------+-----------------------|
| | 15.1(2)T4 | 15.1(2)T4 15.1(1)T4 |
| 15.1T | | on 8-Dec-2011 |
| | 15.1(3)T2 | |
|------------+-----------------------+-----------------------|
| | | Vulnerable; First |
| 15.1XB | 15.1(4)XB5 | fixed in Release |
| | | 15.1T |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 15.2-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------------------------------------------------------|
| There are no affected 15.2 based releases |
+------------------------------------------------------------+
Cisco IOS XE Software
+--------------------
+------------------------------------------------------------+
| Cisco | First | First Fixed Release for All |
| IOS XE | Fixed | Advisories in the September 2011 |
| Release | Release | Bundled Publication |
|----------+------------+------------------------------------|
| 2.1.x | Not | Vulnerable; migrate to 3.3.2S or |
| | Vulnerable | later |
|----------+------------+------------------------------------|
| 2.2.x | Not | Vulnerable; migrate to 3.3.2S or |
| | Vulnerable | later |
|----------+------------+------------------------------------|
| 2.3.x | Not | Vulnerable; migrate to 3.3.2S or |
| | Vulnerable | later |
|----------+------------+------------------------------------|
| 2.4.x | Not | Vulnerable; migrate to 3.3.2S or |
| | Vulnerable | later |
|----------+------------+------------------------------------|
| 2.5.x | 3.1.3S | Vulnerable; migrate to 3.3.2S or |
| | | later |
|----------+------------+------------------------------------|
| 2.6.x | 3.1.3S | Vulnerable; migrate to 3.3.2S or |
| | | later |
|----------+------------+------------------------------------|
| 3.1.xS | 3.1.3S | Vulnerable; migrate to 3.3.2S or |
| | | later |
|----------+------------+------------------------------------|
| 3.1.xSG | Not | Vulnerable; migrate to 3.2.0SG or |
| | vulnerable | later |
|----------+------------+------------------------------------|
| 3.2.xS | 3.2.1S | Vulnerable; migrate to 3.3.2S or |
| | | later |
|----------+------------+------------------------------------|
| 3.2.xSG | Not | Not vulnerable |
| | vulnerable | |
|----------+------------+------------------------------------|
| 3.3.xS | Not | 3.3.2S |
| | Vulnerable | |
|----------+------------+------------------------------------|
| 3.4.xS | Not | Not Vulnerable |
| | Vulnerable | |
+------------------------------------------------------------+
For mapping of Cisco IOS XE to Cisco IOS releases, please refer to
the Cisco IOS XE 2 Release Notes, Cisco IOS XE 3S Release Notes, and
Cisco IOS XE 3SG Release Notes.
Cisco IOS XR System Software
+---------------------------
Cisco IOS XR Software is not affected by any of the vulnerabilities
in the September 2011 bundled publication.
Workarounds
===========
If the affected Cisco IOS device requires SIP for VoIP services, SIP
cannot be disabled and no workarounds are available. Users are
advised to apply mitigation techniques to help limit exposure to the
vulnerabilities. Mitigation consists of allowing only legitimate
devices to connect to affected devices. To increase effectiveness,
the mitigation must be coupled with measures against spoofing on the
network edge. This action is required because SIP can use UDP as the
transport protocol.
Additional mitigations that can be deployed on Cisco
devices within the network are available in the companion
document "Cisco Applied Mitigation Bulletin:Identifying and
Mitigating Exploitation of the Multiple Vulnerabilities
in Cisco Voice Products" at the following location:
http://www.cisco.com/warp/public/707/cisco-amb-20110928-voice.shtml.
Disabling SIP Listening Ports
+----------------------------
For devices that do not require SIP to be enabled, the simplest and
most effective workaround is to disable SIP processing on the device.
Some versions of Cisco IOS Software allow administrators to disable
SIP with the following commands:
sip-ua
no transport udp
no transport tcp
no transport tcp tls
Warning: When applying this workaround to devices that are processing
Media Gateway Control Protocol (MGCP) or H.323 calls, the device will
not stop SIP processing while active calls are being processed. Under
these circumstances, this workaround should be implemented during a
maintenance window when active calls can be briefly stopped.
The "show udp connections", "show tcp brief all", and "show processes |
include SIP" commands can be used to confirm that the SIP UDP and TCP
ports are closed after applying this workaround.
Depending on the Cisco IOS Software version in use, when SIP is
disabled, the output from the "show ip sockets" command may still show
the SIP ports open, but sending traffic to them will cause the SIP
process to display the following message:
*Jun 2 11:36:47.691: sip_udp_sock_process_read: SIP UDP Listener is DISABLED
Control Plane Policing
+---------------------
For devices that need to offer SIP services, it is possible to use
Control Plane Policing (CoPP) to block SIP traffic to the device from
untrusted sources. Cisco IOS Releases 12.0S, 12.2SX, 12.2S, 12.3T,
12.4, and 12.4T support the CoPP feature. CoPP may be configured on a
device to protect the management and control planes to minimize the
risk and effectiveness of direct infrastructure attacks by explicitly
permitting only authorized traffic sent to infrastructure devices in
accordance with existing security policies and configurations. The
following example can be adapted to specific network configurations:
!-- The 192.168.1.0/24 network and the 172.16.1.1 host are trusted.
!-- Everything else is not trusted. The following access list is used
!-- to determine what traffic needs to be dropped by a control plane
!-- policy (the CoPP feature): if the access list matches (permit)
!-- then traffic will be dropped and if the access list does not
!-- match (deny) then traffic will be processed by the router.
access-list 100 deny udp 192.168.1.0 0.0.0.255 any eq 5060
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5060
access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 5061
access-list 100 deny udp host 172.16.1.1 any eq 5060
access-list 100 deny tcp host 172.16.1.1 any eq 5060
access-list 100 deny tcp host 172.16.1.1 any eq 5061
access-list 100 permit udp any any eq 5060
access-list 100 permit tcp any any eq 5060
access-list 100 permit tcp any any eq 5061
!-- Permit (Police or Drop)/Deny (Allow) all other Layer3 and Layer4
!-- traffic in accordance with existing security policies and
!-- configurations for traffic that is authorized to be sent
!-- to infrastructure devices.
!-- Create a Class-Map for traffic to be policed by
!-- the CoPP feature.
class-map match-all drop-sip-class
match access-group 100
!-- Create a Policy-Map that will be applied to the
!-- Control-Plane of the device.
policy-map control-plane-policy
class drop-sip-class
drop
!-- Apply the Policy-Map to the Control-Plane of the
!-- device.
control-plane
service-policy input control-plane-policy
Note: Because SIP can use UDP as a transport protocol, it is possible
to spoof the source address of an IP packet, which may bypass access
control lists that permit communication to these ports from trusted
IP addresses.
In the preceding CoPP example, the access control entries (ACEs) that
match the potential exploit packets with the permit action cause these
packets to be discarded by the policy-map drop function, whereas
packets that match the deny action (not shown) are not affected by the
policy-map drop function. Additional information on the configuration
and use of the CoPP feature can be found at
http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html and
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html.
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature
sets they have purchased. By installing, downloading, accessing
or otherwise using such software upgrades, customers agree to be
bound by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerabilities described in this advisory.
These vulnerabilities were discovered by Cisco during internal
testing.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20110928-sip.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-bulletins@lists.first.org
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.grok.org.uk
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+------------------------------------------------------------+
| Revision 1.0 | 2011-September-28 | Initial public release. |
+------------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities
in Cisco products, obtaining assistance with security
incidents, and registering to receive security information
from Cisco, is available on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html.
This includes instructions for press inquiries regarding
Cisco security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt.
+--------------------------------------------------------------------
Copyright 2010-2011 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iF4EAREIAAYFAk6Cp2gACgkQQXnnBKKRMNDX3gD/UeN/lhANnUYaPYTJesK+CgTF
Hnpss1asMqYlNes4DlgA/idrlbSx8cbkiX0rrhhHEkTNFRcVmvxA3gJhKq9s9GsO
=XFrW
-----END PGP SIGNATURE-----