DebianDEBIAN:DSA-3144-1:1ABE5[SECURITY] [DSA 3144-1] openjdk-7 security update
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
3.4 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.975 High
EPSS
Percentile
100.0%
Debian Security Advisory DSA-3144-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
January 29, 2015 http://www.debian.org/security/faq
Package : openjdk-7
CVE ID : CVE-2014-3566 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591
CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395
CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412
Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in the execution
of arbitrary code, information disclosure or denial of service.
For the stable distribution (wheezy), these problems have been fixed in
version 7u75-2.5.4-1~deb7u1.
For the upcoming stable distribution (jessie), these problems will be
fixed soon.
For the unstable distribution (sid), these problems have been fixed in
version 7u75-2.5.4-1.
We recommend that you upgrade your openjdk-7 packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | s390x | openjdk-7-jre-headless | < 7u75-2.5.4-1~deb7u1 | openjdk-7-jre-headless_7u75-2.5.4-1~deb7u1_s390x.deb |
| Debian | 7 | ia64 | libicu48-dbg | < 4.8.1.1-12+deb7u2 | libicu48-dbg_4.8.1.1-12+deb7u2_ia64.deb |
| Debian | 7 | armel | openjdk-7-jdk | < 7u75-2.5.4-1~deb7u1 | openjdk-7-jdk_7u75-2.5.4-1~deb7u1_armel.deb |
| Debian | 6 | amd64 | openjdk-6-jre | < 6b34-1.13.6-1~deb6u1 | openjdk-6-jre_6b34-1.13.6-1~deb6u1_amd64.deb |
| Debian | 7 | amd64 | openjdk-6-jre-headless | < 6b34-1.13.6-1~deb7u1 | openjdk-6-jre-headless_6b34-1.13.6-1~deb7u1_amd64.deb |
| Debian | 7 | all | openjdk-7-jre-lib | < 7u75-2.5.4-1~deb7u1 | openjdk-7-jre-lib_7u75-2.5.4-1~deb7u1_all.deb |
| Debian | 7 | s390 | libicu48 | < 4.8.1.1-12+deb7u2 | libicu48_4.8.1.1-12+deb7u2_s390.deb |
| Debian | 7 | i386 | icedtea-7-jre-jamvm | < 7u75-2.5.4-1~deb7u1 | icedtea-7-jre-jamvm_7u75-2.5.4-1~deb7u1_i386.deb |
| Debian | 7 | i386 | openjdk-7-jdk | < 7u75-2.5.4-1~deb7u1 | openjdk-7-jdk_7u75-2.5.4-1~deb7u1_i386.deb |
| Debian | 7 | mips | libicu48-dbg | < 4.8.1.1-12+deb7u2 | libicu48-dbg_4.8.1.1-12+deb7u2_mips.deb |
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
3.4 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.975 High
EPSS
Percentile
100.0%