Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 Greenbone AGOPENVAS:1361412562310831439
HistoryAug 18, 2011 - 12:00 a.m.

Mandriva Update for java-1.6.0-openjdk MDVSA-2011:126 (java-1.6.0-openjdk)

2011-08-1800:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
21

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.6

Confidence

High

EPSS

0.026

Percentile

90.6%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_xref(name:"URL", value:"http://lists.mandriva.com/security-announce/2011-08/msg00008.php");
  script_oid("1.3.6.1.4.1.25623.1.0.831439");
  script_version("2023-07-14T16:09:26+0000");
  script_tag(name:"last_modification", value:"2023-07-14 16:09:26 +0000 (Fri, 14 Jul 2023)");
  script_tag(name:"creation_date", value:"2011-08-18 14:57:45 +0200 (Thu, 18 Aug 2011)");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_xref(name:"MDVSA", value:"2011:126");
  script_cve_id("CVE-2011-0865", "CVE-2011-0862", "CVE-2011-0867", "CVE-2011-0869", "CVE-2011-0868", "CVE-2011-0864", "CVE-2011-0871");
  script_name("Mandriva Update for java-1.6.0-openjdk MDVSA-2011:126 (java-1.6.0-openjdk)");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'java-1.6.0-openjdk'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2011 Greenbone AG");
  script_family("Mandrake Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release", re:"ssh/login/release=MNDK_(mes5|2010\.1|2009\.0)");
  script_tag(name:"affected", value:"java-1.6.0-openjdk on Mandriva Linux 2009.0,
  Mandriva Linux 2009.0/X86_64,
  Mandriva Linux 2010.1,
  Mandriva Linux 2010.1/X86_64,
  Mandriva Enterprise Server 5,
  Mandriva Enterprise Server 5/X86_64");
  script_tag(name:"insight", value:"Multiple vulnerabilities were discovered and corrected in
  java-1.6.0-openjdk:

  Unspecified vulnerability in the Java Runtime Environment (JRE)
  component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29
  and earlier, and 1.4.2_31 and earlier allows remote untrusted Java
  Web Start applications and untrusted Java applets to affect integrity
  via unknown vectors related to Deserialization (CVE-2011-0865).

  Multiple unspecified vulnerabilities in the Java Runtime Environment
  (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update
  29 and earlier, and 1.4.2_31 and earlier allow remote attackers
  to affect confidentiality, integrity, and availability via unknown
  vectors related to 2D (CVE-2011-0862).

  Unspecified vulnerability in the Java Runtime Environment (JRE)
  component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29
  and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web
  Start applications and untrusted Java applets to affect confidentiality
  via unknown vectors related to Networking (CVE-2011-0867).

  Unspecified vulnerability in the Java Runtime Environment (JRE)
  component in Oracle Java SE 6 Update 26 and earlier allows remote
  untrusted Java Web Start applications and untrusted Java applets
  to affect confidentiality via unknown vectors related to SAAJ
  (CVE-2011-0869).

  Unspecified vulnerability in the Java Runtime Environment (JRE)
  component in Oracle Java SE 6 Update 25 and earlier allows remote
  attackers to affect confidentiality via unknown vectors related to 2D
  (CVE-2011-0868).

  Unspecified vulnerability in the Java Runtime Environment (JRE)
  component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update
  29 and earlier, and 1.4.2_31 and earlier allows remote untrusted
  Java Web Start applications and untrusted Java applets to affect
  confidentiality, integrity, and availability via unknown vectors
  related to HotSpot (CVE-2011-0864).

  Unspecified vulnerability in the Java Runtime Environment (JRE)
  component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update
  29 and earlier, and 1.4.2_31 and earlier allows remote untrusted
  Java Web Start applications and untrusted Java applets to affect
  confidentiality, integrity, and availability via unknown vectors
  related to Swing (CVE-2011-0871).

  Packages for 2009.0 are provided as of the Extended Maintenance
  Program. Please visit this link to ...

  Description truncated, please see the referenced URL(s) for more information.");
  script_tag(name:"solution", value:"Please Install the Updated Packages.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release) exit(0);

res = "";

if(release == "MNDK_mes5")
{

  if ((res = isrpmvuln(pkg:"icedtea-web", rpm:"icedtea-web~1.0.4~0.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk", rpm:"java-1.6.0-openjdk~1.6.0.0~22.b22.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-demo", rpm:"java-1.6.0-openjdk-demo~1.6.0.0~22.b22.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-devel", rpm:"java-1.6.0-openjdk-devel~1.6.0.0~22.b22.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-javadoc", rpm:"java-1.6.0-openjdk-javadoc~1.6.0.0~22.b22.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-src", rpm:"java-1.6.0-openjdk-src~1.6.0.0~22.b22.2mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender1", rpm:"libxrender1~0.9.6~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender-devel", rpm:"libxrender-devel~0.9.6~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender-static-devel", rpm:"libxrender-static-devel~0.9.6~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender", rpm:"libxrender~0.9.6~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64xrender1", rpm:"lib64xrender1~0.9.6~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64xrender-devel", rpm:"lib64xrender-devel~0.9.6~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64xrender-static-devel", rpm:"lib64xrender-static-devel~0.9.6~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}


if(release == "MNDK_2010.1")
{

  if ((res = isrpmvuln(pkg:"icedtea-web", rpm:"icedtea-web~1.0.4~0.2mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk", rpm:"java-1.6.0-openjdk~1.6.0.0~22.b22.2mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-demo", rpm:"java-1.6.0-openjdk-demo~1.6.0.0~22.b22.2mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-devel", rpm:"java-1.6.0-openjdk-devel~1.6.0.0~22.b22.2mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-javadoc", rpm:"java-1.6.0-openjdk~javadoc-1.6.0.0~22.b22.2mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-src", rpm:"java-1.6.0-openjdk-src~1.6.0.0~22.b22.2mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender1", rpm:"libxrender1~0.9.6~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender-devel", rpm:"libxrender-devel~0.9.6~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender-static-devel", rpm:"libxrender-static-devel~0.9.6~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender", rpm:"libxrender~0.9.6~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64xrender1", rpm:"lib64xrender1~0.9.6~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64xrender-devel", rpm:"lib64xrender-devel~0.9.6~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64xrender-static-devel", rpm:"lib64xrender-static-devel~0.9.6~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}


if(release == "MNDK_2009.0")
{

  if ((res = isrpmvuln(pkg:"icedtea-web", rpm:"icedtea-web~1.0.4~0.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk", rpm:"java-1.6.0-openjdk~1.6.0.0~22.b22.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-demo", rpm:"java-1.6.0-openjdk-demo~1.6.0.0~22.b22.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-devel", rpm:"java-1.6.0-openjdk-devel~1.6.0.0~22.b22.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-javadoc", rpm:"java-1.6.0-openjdk-javadoc~1.6.0.0~22.b22.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"java-1.6.0-openjdk-src", rpm:"java-1.6.0-openjdk-src~1.6.0.0~22.b22.2mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender1", rpm:"libxrender1~0.9.6~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender-devel", rpm:"libxrender-devel~0.9.6~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender-static-devel", rpm:"libxrender-static-devel~0.9.6~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libxrender", rpm:"libxrender~0.9.6~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64xrender1", rpm:"lib64xrender1~0.9.6~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64xrender-devel", rpm:"lib64xrender-devel~0.9.6~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64xrender-static-devel", rpm:"lib64xrender-static-devel~0.9.6~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

openvas 46
nessus 47
osv 2
securityvulns 13
redhat 8
centos 1
debian 2
suse 10
oraclelinux 2
ubuntu 1
fedora 8
ubuntucve 9
prion 7
cvelist 7
nvd 7
cve 7
veracode 7
zdi 9
gentoo 2
vmware 2
oracle 1
openvas
openvas
RedHat Update for java-1.6.0-openjdk RHSA-2011:0857-01
2011-06-10 00:00:00
CentOS Update for java CESA-2011:0857 centos5 x86_64
2012-07-30 00:00:00
RedHat Update for java-1.6.0-openjdk RHSA-2011:0856-01
2012-06-06 00:00:00
nessus
nessus
Fedora 15 : java-1.6.0-openjdk-1.6.0.0-58.1.10.2.fc15 (2011-8028)
2011-06-16 00:00:00
RHEL 5 : java-1.6.0-openjdk (RHSA-2011:0857)
2011-06-09 00:00:00
RHEL 6 : java-1.6.0-openjdk (RHSA-2011:0856)
2011-06-09 00:00:00
osv
osv
openjdk-6 - several
2011-09-27 00:00:00
openjdk-6 - several
2011-12-05 00:00:00
securityvulns
securityvulns
Oracle Sun Java multiple security vulnerabilities
2011-08-17 00:00:00
[ MDVSA-2011:126 ] java-1.6.0-openjdk
2011-08-17 00:00:00
ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability
2011-06-10 00:00:00
redhat
redhat
(RHSA-2011:0857) Important: java-1.6.0-openjdk security update
2011-06-08 00:00:00
(RHSA-2011:0856) Critical: java-1.6.0-openjdk security update
2011-06-08 00:00:00
(RHSA-2011:0860) Critical: java-1.6.0-sun security update
2011-06-08 00:00:00
centos
centos
java security update
2011-06-13 14:03:30
debian
debian
[SECURITY] [DSA 2311-1] openjdk-6 security update
2011-09-27 20:10:30
[SECURITY] [DSA 2358-1] openjdk-6 security update
2011-12-05 19:26:27
suse
suse
java-1_6_0-openjdk (important)
2011-06-28 13:08:22
Oracle Java 26 (critical)
2011-06-14 19:08:17
Sun/Oracle Java (critical)
2011-06-14 19:08:14
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2011-06-08 00:00:00
java-1.6.0-openjdk security update
2011-06-08 00:00:00
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2011-06-17 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: java-1.6.0-openjdk-1.6.0.0-58.1.10.2.fc15
2011-06-15 05:44:07
[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-53.1.9.8.fc14
2011-06-11 04:18:13
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-51.1.8.8.fc13
2011-06-15 05:33:46
ubuntucve
ubuntucve
CVE-2011-0869
2011-06-14 00:00:00
CVE-2011-0868
2011-06-14 00:00:00
CVE-2011-0862
2011-06-14 00:00:00
prion
prion
Design/Logic Flaw
2011-06-14 18:55:00
Design/Logic Flaw
2011-06-14 18:55:00
Design/Logic Flaw
2011-06-14 18:55:00
cvelist
cvelist
CVE-2011-0869
2011-06-14 18:00:00
CVE-2011-0862
2011-06-14 18:00:00
CVE-2011-0867
2011-06-14 18:00:00
nvd
nvd
CVE-2011-0869
2011-06-14 18:55:02
CVE-2011-0864
2011-06-14 18:55:02
CVE-2011-0862
2011-06-14 18:55:02
cve
cve
CVE-2011-0869
2011-06-14 18:55:02
CVE-2011-0864
2011-06-14 18:55:02
CVE-2011-0862
2011-06-14 18:55:02
veracode
veracode
Information Disclosure
2019-05-02 04:55:58
Arbitrary Code Execution
2019-05-02 04:55:57
Information Disclosure
2019-05-02 04:55:58
zdi
zdi
Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability
2011-06-08 00:00:00
Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability
2011-06-08 00:00:00
Oracle Java ICC Profile Multi-Language 'curv' Tag Parsing Remote Code Execution Vulnerability
2011-06-08 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2011-11-05 00:00:00
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
vmware
vmware
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2011
2011-12-15 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.6

Confidence

High

EPSS

0.026

Percentile

90.6%

JSON
Related for OPENVAS:1361412562310831439
openvas46nessus47osv2securityvulns13redhat8centos1debian2suse10oraclelinux2ubuntu1fedora8ubuntucve9prion7cvelist7nvd7cve7veracode7zdi9gentoo2vmware2oracle1