ID CVE-2011-0802
Summary Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0814.
References
Vulnerable Configurations
  • Sun JDK 1.4.2
    cpe:2.3:a:sun:jdk:1.4.2
  • Sun JDK 1.4.2_1
    cpe:2.3:a:sun:jdk:1.4.2_1
  • Sun JDK 1.4.2_2
    cpe:2.3:a:sun:jdk:1.4.2_2
  • Sun JDK 1.4.2_3
    cpe:2.3:a:sun:jdk:1.4.2_3
  • Sun JDK 1.4.2_4
    cpe:2.3:a:sun:jdk:1.4.2_4
  • Sun JDK 1.4.2_5
    cpe:2.3:a:sun:jdk:1.4.2_5
  • Sun JDK 1.4.2_6
    cpe:2.3:a:sun:jdk:1.4.2_6
  • Sun JDK 1.4.2_7
    cpe:2.3:a:sun:jdk:1.4.2_7
  • Sun JDK 1.4.2_8
    cpe:2.3:a:sun:jdk:1.4.2_8
  • Sun JDK 1.4.2_9
    cpe:2.3:a:sun:jdk:1.4.2_9
  • Sun JDK 1.4.2_10
    cpe:2.3:a:sun:jdk:1.4.2_10
  • Sun JDK 1.4.2_11
    cpe:2.3:a:sun:jdk:1.4.2_11
  • Sun JDK 1.4.2_12
    cpe:2.3:a:sun:jdk:1.4.2_12
  • Sun JDK 1.4.2_13
    cpe:2.3:a:sun:jdk:1.4.2_13
  • Sun JDK 1.4.2_14
    cpe:2.3:a:sun:jdk:1.4.2_14
  • Sun JDK 1.4.2_15
    cpe:2.3:a:sun:jdk:1.4.2_15
  • Sun JDK 1.4.2_16
    cpe:2.3:a:sun:jdk:1.4.2_16
  • Sun JDK 1.4.2_17
    cpe:2.3:a:sun:jdk:1.4.2_17
  • Sun JDK 1.4.2_18
    cpe:2.3:a:sun:jdk:1.4.2_18
  • Sun JDK 1.4.2_19
    cpe:2.3:a:sun:jdk:1.4.2_19
  • cpe:2.3:a:sun:jdk:1.4.2_20
    cpe:2.3:a:sun:jdk:1.4.2_20
  • cpe:2.3:a:sun:jdk:1.4.2_21
    cpe:2.3:a:sun:jdk:1.4.2_21
  • Sun JDK 1.4.2_22
    cpe:2.3:a:sun:jdk:1.4.2_22
  • Sun JDK 1.4.2_23
    cpe:2.3:a:sun:jdk:1.4.2_23
  • cpe:2.3:a:sun:jdk:1.4.2_24
    cpe:2.3:a:sun:jdk:1.4.2_24
  • Sun JDK 1.4.2_25
    cpe:2.3:a:sun:jdk:1.4.2_25
  • Sun JDK 1.4.2_26
    cpe:2.3:a:sun:jdk:1.4.2_26
  • Sun JDK 1.4.2_27
    cpe:2.3:a:sun:jdk:1.4.2_27
  • Sun JDK 1.4.2_28
    cpe:2.3:a:sun:jdk:1.4.2_28
  • Sun JDK 1.4.2_29
    cpe:2.3:a:sun:jdk:1.4.2_29
  • Sun JDK 1.4.2_30
    cpe:2.3:a:sun:jdk:1.4.2_30
  • Sun JDK 1.4.2_31
    cpe:2.3:a:sun:jdk:1.4.2_31
  • Sun JRE 1.4.2
    cpe:2.3:a:sun:jre:1.4.2
  • Sun JRE 1.4.2_1
    cpe:2.3:a:sun:jre:1.4.2_1
  • Sun JRE 1.4.2_2
    cpe:2.3:a:sun:jre:1.4.2_2
  • Sun JRE 1.4.2_3
    cpe:2.3:a:sun:jre:1.4.2_3
  • Sun JRE 1.4.2_4
    cpe:2.3:a:sun:jre:1.4.2_4
  • Sun JRE 1.4.2_5
    cpe:2.3:a:sun:jre:1.4.2_5
  • Sun JRE 1.4.2_6
    cpe:2.3:a:sun:jre:1.4.2_6
  • Sun JRE 1.4.2_7
    cpe:2.3:a:sun:jre:1.4.2_7
  • Sun JRE 1.4.2_8
    cpe:2.3:a:sun:jre:1.4.2_8
  • Sun JRE 1.4.2_9
    cpe:2.3:a:sun:jre:1.4.2_9
  • Sun JRE 1.4.2_10
    cpe:2.3:a:sun:jre:1.4.2_10
  • Sun JRE 1.4.2_11
    cpe:2.3:a:sun:jre:1.4.2_11
  • Sun JRE 1.4.2_12
    cpe:2.3:a:sun:jre:1.4.2_12
  • Sun JRE 1.4.2_13
    cpe:2.3:a:sun:jre:1.4.2_13
  • Sun JRE 1.4.2_14
    cpe:2.3:a:sun:jre:1.4.2_14
  • Sun JRE 1.4.2_15
    cpe:2.3:a:sun:jre:1.4.2_15
  • Sun JRE 1.4.2_16
    cpe:2.3:a:sun:jre:1.4.2_16
  • Sun JRE 1.4.2_17
    cpe:2.3:a:sun:jre:1.4.2_17
  • Sun JRE 1.4.2_18
    cpe:2.3:a:sun:jre:1.4.2_18
  • Sun JRE 1.4.2_19
    cpe:2.3:a:sun:jre:1.4.2_19
  • Sun JRE 1.4.2_20
    cpe:2.3:a:sun:jre:1.4.2_20
  • Sun JRE 1.4.2_21
    cpe:2.3:a:sun:jre:1.4.2_21
  • Sun JRE 1.4.2_22
    cpe:2.3:a:sun:jre:1.4.2_22
  • Sun JRE 1.4.2_23
    cpe:2.3:a:sun:jre:1.4.2_23
  • Sun JRE 1.4.2_24
    cpe:2.3:a:sun:jre:1.4.2_24
  • Sun JRE 1.4.2_25
    cpe:2.3:a:sun:jre:1.4.2_25
  • Sun JRE 1.4.2_26
    cpe:2.3:a:sun:jre:1.4.2_26
  • Sun JRE 1.4.2_27
    cpe:2.3:a:sun:jre:1.4.2_27
  • Sun JRE 1.4.2_28
    cpe:2.3:a:sun:jre:1.4.2_28
  • Sun JRE 1.4.2_29
    cpe:2.3:a:sun:jre:1.4.2_29
  • Sun JRE 1.4.2_30
    cpe:2.3:a:sun:jre:1.4.2_30
  • Sun JRE 1.4.2_31
    cpe:2.3:a:sun:jre:1.4.2_31
  • Sun JDK 1.6.0
    cpe:2.3:a:sun:jdk:1.6.0
  • Sun JDK 6 Update 1
    cpe:2.3:a:sun:jdk:1.6.0:update1
  • Sun JDK 6 Update 2
    cpe:2.3:a:sun:jdk:1.6.0:update2
  • Sun JDK 1.6.0 Update 10
    cpe:2.3:a:sun:jdk:1.6.0:update_10
  • Sun JDK 1.6.0 Update 11
    cpe:2.3:a:sun:jdk:1.6.0:update_11
  • Sun JDK 1.6.0 Update 12
    cpe:2.3:a:sun:jdk:1.6.0:update_12
  • Sun JDK 1.6.0 Update 13
    cpe:2.3:a:sun:jdk:1.6.0:update_13
  • Sun JDK 1.6.0 Update 14
    cpe:2.3:a:sun:jdk:1.6.0:update_14
  • Sun JDK 1.6.0 Update 15
    cpe:2.3:a:sun:jdk:1.6.0:update_15
  • Sun JDK 1.6.0 Update 16
    cpe:2.3:a:sun:jdk:1.6.0:update_16
  • Sun JDK 1.6.0 Update 17
    cpe:2.3:a:sun:jdk:1.6.0:update_17
  • Sun JDK 1.6.0 Update 18
    cpe:2.3:a:sun:jdk:1.6.0:update_18
  • Sun JDK 1.6.0 Update 19
    cpe:2.3:a:sun:jdk:1.6.0:update_19
  • Sun JDK 1.6.0 Update 20
    cpe:2.3:a:sun:jdk:1.6.0:update_20
  • Sun JDK 1.6.0 Update 21
    cpe:2.3:a:sun:jdk:1.6.0:update_21
  • cpe:2.3:a:sun:jdk:1.6.0:update_22
    cpe:2.3:a:sun:jdk:1.6.0:update_22
  • cpe:2.3:a:sun:jdk:1.6.0:update_23
    cpe:2.3:a:sun:jdk:1.6.0:update_23
  • cpe:2.3:a:sun:jdk:1.6.0:update_24
    cpe:2.3:a:sun:jdk:1.6.0:update_24
  • cpe:2.3:a:sun:jdk:1.6.0:update_25
    cpe:2.3:a:sun:jdk:1.6.0:update_25
  • Sun JDK 1.6.0 Update 3
    cpe:2.3:a:sun:jdk:1.6.0:update_3
  • Sun JDK 1.6.0 Update 4
    cpe:2.3:a:sun:jdk:1.6.0:update_4
  • Sun JDK 1.6.0 Update 5
    cpe:2.3:a:sun:jdk:1.6.0:update_5
  • Sun JDK 1.6.0 Update 6
    cpe:2.3:a:sun:jdk:1.6.0:update_6
  • Sun JDK 1.6.0 Update 7
    cpe:2.3:a:sun:jdk:1.6.0:update_7
  • Sun JRE 1.6.0
    cpe:2.3:a:sun:jre:1.6.0
  • Sun JRE 1.6.0 Update 1
    cpe:2.3:a:sun:jre:1.6.0:update_1
  • Sun JRE 1.6.0 Update 10
    cpe:2.3:a:sun:jre:1.6.0:update_10
  • Sun JRE 1.6.0 Update 11
    cpe:2.3:a:sun:jre:1.6.0:update_11
  • Sun JRE 1.6.0 Update 12
    cpe:2.3:a:sun:jre:1.6.0:update_12
  • Sun JRE 1.6.0 Update 13
    cpe:2.3:a:sun:jre:1.6.0:update_13
  • Sun JRE 1.6.0 Update 14
    cpe:2.3:a:sun:jre:1.6.0:update_14
  • Sun JRE 1.6.0 Update 15
    cpe:2.3:a:sun:jre:1.6.0:update_15
  • Sun JRE 1.6.0 Update 16
    cpe:2.3:a:sun:jre:1.6.0:update_16
  • Sun JRE 1.6.0 Update 17
    cpe:2.3:a:sun:jre:1.6.0:update_17
  • Sun JRE 1.6.0 Update 18
    cpe:2.3:a:sun:jre:1.6.0:update_18
  • Sun JRE 1.6.0 Update 19
    cpe:2.3:a:sun:jre:1.6.0:update_19
  • Sun JRE 1.6.0 Update 2
    cpe:2.3:a:sun:jre:1.6.0:update_2
  • Sun JRE 1.6.0 Update 20
    cpe:2.3:a:sun:jre:1.6.0:update_20
  • Sun JRE 1.6.0 Update 21
    cpe:2.3:a:sun:jre:1.6.0:update_21
  • cpe:2.3:a:sun:jre:1.6.0:update_22
    cpe:2.3:a:sun:jre:1.6.0:update_22
  • cpe:2.3:a:sun:jre:1.6.0:update_23
    cpe:2.3:a:sun:jre:1.6.0:update_23
  • cpe:2.3:a:sun:jre:1.6.0:update_24
    cpe:2.3:a:sun:jre:1.6.0:update_24
  • cpe:2.3:a:sun:jre:1.6.0:update_25
    cpe:2.3:a:sun:jre:1.6.0:update_25
  • Sun JRE 1.6.0 Update 3
    cpe:2.3:a:sun:jre:1.6.0:update_3
  • Sun JRE 1.6.0 Update 4
    cpe:2.3:a:sun:jre:1.6.0:update_4
  • Sun JRE 1.6.0 Update 5
    cpe:2.3:a:sun:jre:1.6.0:update_5
  • Sun JRE 1.6.0 Update 6
    cpe:2.3:a:sun:jre:1.6.0:update_6
  • Sun JRE 1.6.0 Update 7
    cpe:2.3:a:sun:jre:1.6.0:update_7
  • Sun JDK 1.5.0
    cpe:2.3:a:sun:jdk:1.5.0
  • Sun JDK 5.0 Update1
    cpe:2.3:a:sun:jdk:1.5.0:update1
  • Sun JDK 5.0 Update10
    cpe:2.3:a:sun:jdk:1.5.0:update10
  • Sun JDK 5.0 Update11
    cpe:2.3:a:sun:jdk:1.5.0:update11
  • Sun JDK 1.5.0_11 b03
    cpe:2.3:a:sun:jdk:1.5.0:update11_b03
  • Sun JDK 5.0 Update12
    cpe:2.3:a:sun:jdk:1.5.0:update12
  • Sun JDK 5.0 Update 13
    cpe:2.3:a:sun:jdk:1.5.0:update13
  • Sun JDK 5.0 Update 14
    cpe:2.3:a:sun:jdk:1.5.0:update14
  • Sun JDK 5.0 Update 15
    cpe:2.3:a:sun:jdk:1.5.0:update15
  • Sun JDK 5.0 Update 16
    cpe:2.3:a:sun:jdk:1.5.0:update16
  • Sun JDK 5.0 Update 17
    cpe:2.3:a:sun:jdk:1.5.0:update17
  • Sun JDK 5.0 Update 18
    cpe:2.3:a:sun:jdk:1.5.0:update18
  • Sun JDK 5.0 Update 19
    cpe:2.3:a:sun:jdk:1.5.0:update19
  • Sun JDK 5.0 Update2
    cpe:2.3:a:sun:jdk:1.5.0:update2
  • Sun JDK 5.0 Update 20
    cpe:2.3:a:sun:jdk:1.5.0:update20
  • Sun JDK 5.0 Update 21
    cpe:2.3:a:sun:jdk:1.5.0:update21
  • Sun JDK 5.0 Update 22
    cpe:2.3:a:sun:jdk:1.5.0:update22
  • Sun JDK 5.0 Update 23
    cpe:2.3:a:sun:jdk:1.5.0:update23
  • Sun JDK 5.0 Update 24
    cpe:2.3:a:sun:jdk:1.5.0:update24
  • Sun JDK 5.0 Update 25
    cpe:2.3:a:sun:jdk:1.5.0:update25
  • Sun JDK 5.0 Update 26
    cpe:2.3:a:sun:jdk:1.5.0:update26
  • Sun JDK 5.0 Update 27
    cpe:2.3:a:sun:jdk:1.5.0:update27
  • Sun JDK 5.0 Update 28
    cpe:2.3:a:sun:jdk:1.5.0:update28
  • Sun JDK 5.0 Update 29
    cpe:2.3:a:sun:jdk:1.5.0:update29
  • Sun JDK 5.0 Update3
    cpe:2.3:a:sun:jdk:1.5.0:update3
  • Sun JDK 5.0 Update4
    cpe:2.3:a:sun:jdk:1.5.0:update4
  • Sun JDK 5.0 Update5
    cpe:2.3:a:sun:jdk:1.5.0:update5
  • Sun JDK 1.5.0_6
    cpe:2.3:a:sun:jdk:1.5.0:update6
  • Sun JDK 5.0 Update7
    cpe:2.3:a:sun:jdk:1.5.0:update7
  • Sun JDK 1.5 _07-b03
    cpe:2.3:a:sun:jdk:1.5.0:update7_b03
  • Sun JDK 5.0 Update8
    cpe:2.3:a:sun:jdk:1.5.0:update8
  • Sun JDK 5.0 Update9
    cpe:2.3:a:sun:jdk:1.5.0:update9
  • Sun JRE 1.5.0
    cpe:2.3:a:sun:jre:1.5.0
  • Sun JRE 1.5.0_1 (JRE 5.0 Update 1)
    cpe:2.3:a:sun:jre:1.5.0:update1
  • Sun JRE 1.5.0_10 (JRE 5.0 Update 10)
    cpe:2.3:a:sun:jre:1.5.0:update10
  • Sun JRE 1.5.0_11 (JRE 5.0 Update 11)
    cpe:2.3:a:sun:jre:1.5.0:update11
  • Sun JRE 1.5.0_12 (JRE 5.0 Update 12)
    cpe:2.3:a:sun:jre:1.5.0:update12
  • Sun JRE 1.5.0_13 (JRE 5.0 Update 13)
    cpe:2.3:a:sun:jre:1.5.0:update13
  • Sun JRE 1.5.0_14 (JRE 5.0 Update 14)
    cpe:2.3:a:sun:jre:1.5.0:update14
  • Sun JRE 1.5.0_15 (JRE 5.0 Update 15)
    cpe:2.3:a:sun:jre:1.5.0:update15
  • Sun JRE 1.5.0_16 (JRE 5.0 Update 16)
    cpe:2.3:a:sun:jre:1.5.0:update16
  • Sun JRE 1.5.0_17 (JRE 5.0 Update 17)
    cpe:2.3:a:sun:jre:1.5.0:update17
  • Sun JRE 1.5.0_18 (JRE 5.0 Update 18)
    cpe:2.3:a:sun:jre:1.5.0:update18
  • Sun JRE 1.5.0_19 (JRE 5.0 Update 19)
    cpe:2.3:a:sun:jre:1.5.0:update19
  • Sun JRE 1.5.0_2 (JRE 5.0 Update 2)
    cpe:2.3:a:sun:jre:1.5.0:update2
  • Sun JRE 1.5.0_20 (JRE 5.0 Update 20)
    cpe:2.3:a:sun:jre:1.5.0:update20
  • Sun JRE 1.5.0_21 (JRE 5.0 Update 21)
    cpe:2.3:a:sun:jre:1.5.0:update21
  • Sun JRE 1.5.0_22 (JRE 5.0 Update 22)
    cpe:2.3:a:sun:jre:1.5.0:update22
  • Sun JRE 1.5.0_23 (JRE 5.0 Update 23)
    cpe:2.3:a:sun:jre:1.5.0:update23
  • Sun JRE 1.5.0_24 (JRE 5.0 Update 24)
    cpe:2.3:a:sun:jre:1.5.0:update24
  • Sun JRE 1.5.0_25 (JRE 5.0 Update 25)
    cpe:2.3:a:sun:jre:1.5.0:update25
  • Sun JRE 1.5.0_26 (JRE 5.0 Update 26)
    cpe:2.3:a:sun:jre:1.5.0:update26
  • Sun JRE 1.5.0_27 (JRE 5.0 Update 27)
    cpe:2.3:a:sun:jre:1.5.0:update27
  • Sun JRE 1.5.0_29 (JRE 5.0 Update 29)
    cpe:2.3:a:sun:jre:1.5.0:update29
  • Sun JRE 1.5.0_3 (JRE 5.0 Update 3)
    cpe:2.3:a:sun:jre:1.5.0:update3
  • Sun JRE 1.5.0_4 (JRE 5.0 Update 4)
    cpe:2.3:a:sun:jre:1.5.0:update4
  • Sun JRE 1.5.0_5 (JRE 5.0 Update 5)
    cpe:2.3:a:sun:jre:1.5.0:update5
  • Sun JRE 1.5.0_6 (JRE 5.0 Update 6)
    cpe:2.3:a:sun:jre:1.5.0:update6
  • Sun JRE 1.5.0_7 (JRE 5.0 Update 7)
    cpe:2.3:a:sun:jre:1.5.0:update7
  • Sun JRE 1.5.0_8 (JRE 5.0 Update 8)
    cpe:2.3:a:sun:jre:1.5.0:update8
  • Sun JRE 1.5.0_9 (JRE 5.0 Update 9)
    cpe:2.3:a:sun:jre:1.5.0:update9
CVSS
Base: 10.0 (as of 15-06-2011 - 10:09)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Misc.
    NASL id JUNIPER_NSM_PSN_2012_08_689.NASL
    description According to the version of one or more Juniper NSM servers running on the remote host, it is potentially affected by multiple vulnerabilities affecting the Java software running on the host.
    last seen 2019-02-21
    modified 2018-07-13
    plugin id 69874
    published 2013-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69874
    title Juniper NSM Servers Multiple Java JDK/JRE Vulnerabilities (PSN-2012-08-689)
  • NASL family Windows
    NASL id HP_SYSTEMS_INSIGHT_MANAGER_700_MULTIPLE_VULNS.NASL
    description The version of HP Systems Insight Manager installed on the remote Windows host is affected by vulnerabilities in the following components : - TLS and SSL protocols - Apache Tomcat - Java - Flash Player - BlazeDS/GraniteDS - Adobe LiveCycle - Adobe Flex SDK - Systems Insight Manager
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 59684
    published 2012-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59684
    title HP Systems Insight Manager < 7.0 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1455.NASL
    description Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Network Satellite Server 5.4. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.4. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment. (CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0873, CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560, CVE-2011-3561, CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507, CVE-2012-0547, CVE-2012-0551, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1541, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-3143, CVE-2012-3159, CVE-2012-3213, CVE-2012-3216, CVE-2012-3342, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089, CVE-2013-0169, CVE-2013-0351, CVE-2013-0401, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1487, CVE-2013-1491, CVE-2013-1493, CVE-2013-1500, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2407, CVE-2013-2412, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2435, CVE-2013-2437, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743) Users of Red Hat Network Satellite Server 5.4 are advised to upgrade to these updated packages, which contain the IBM Java SE 6 SR14 release. For this update to take effect, Red Hat Network Satellite Server must be restarted ('/usr/sbin/rhn-satellite restart'), as well as all running instances of IBM Java.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 78975
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78975
    title RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1455) (BEAST) (ROBOT)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_JAVA-1_6_0-IBM-7627.NASL
    description IBM Java 1.6.0 SR9-FP2 fixes several of bugs and thew following security issues : - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. (CVE-2011-0865) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. (CVE-2011-0866) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0788. (CVE-2011-0786) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0788) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0802) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. (CVE-2011-0814) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. (CVE-2011-0815) - Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0862) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. (CVE-2011-0867) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ. (CVE-2011-0869) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (CVE-2011-0817) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (CVE-2011-0863) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. (CVE-2011-0868) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. (CVE-2011-0871) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. (CVE-2011-0872) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0873)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 57210
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57210
    title SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7627)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12819.NASL
    description IBM Java 1.4.2 SR 13 Fixpack 10 has been released and fixes various bugs and security issues. The following security issues were fixed : - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. (CVE-2011-0865) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. (CVE-2011-0866) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0802) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. (CVE-2011-0814) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. (CVE-2011-0815) - Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0862) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. (CVE-2011-0867) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. (CVE-2011-0871) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. (CVE-2011-0872)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 56002
    published 2011-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56002
    title SuSE9 Security Update : IBM Java JRE and SDK (YOU Patch Number 12819)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_JAVA-1_5_0-IBM-7650.NASL
    description IBM Java 1.5.0 SR12 FP5 has been released fixing bugs and security issues. The following security issues were fixed : - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. (CVE-2011-0865) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. (CVE-2011-0866) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0802) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. (CVE-2011-0814) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. (CVE-2011-0815) - Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0862) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. (CVE-2011-0867) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. (CVE-2011-0871) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. (CVE-2011-0872) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0873)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 57207
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57207
    title SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7650)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-0938.NASL
    description Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM 'Security alerts' page, listed in the References section. (CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0873) All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.6.0 SR9-FP2 Java release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 55598
    published 2011-07-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55598
    title RHEL 4 / 5 / 6 : java-1.6.0-ibm (RHSA-2011:0938)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_JAVA-1_6_0-IBM-7626.NASL
    description IBM Java 1.6.0 SR9-FP2 fixes several of bugs and thew following security issues : - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. (CVE-2011-0865) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. (CVE-2011-0866) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0788. (CVE-2011-0786) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0788) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0802) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. (CVE-2011-0814) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. (CVE-2011-0815) - Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0862) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. (CVE-2011-0867) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ. (CVE-2011-0869) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (CVE-2011-0817) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (CVE-2011-0863) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. (CVE-2011-0868) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. (CVE-2011-0871) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. (CVE-2011-0872) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0873)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 55622
    published 2011-07-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55622
    title SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7626)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_4_JAVA-1_6_0-SUN-110608.NASL
    description Oracle Java 6 Update 26 fixes several security vulnerabilities. Please refer to Oracle's site for further information: http://www.oracle.com/technetwork/topics/security/javacpujun e2011-313339.html (CVE-2011-0862, CVE-2011-0873, CVE-2011-0815, CVE-2011-0817, CVE-2011-0863, CVE-2011-0864, CVE-2011-0802, CVE-2011-0814, CVE-2011-0871, CVE-2011-0786, CVE-2011-0788, CVE-2011-0866, CVE-2011-0868, CVE-2011-0872, CVE-2011-0867, CVE-2011-0869, CVE-2011-0865)
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 75873
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75873
    title openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2011:0633-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-1159.NASL
    description Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The IBM 1.4.2 SR13-FP10 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM 'Security alerts' page, listed in the References section. (CVE-2011-0311, CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0865, CVE-2011-0867, CVE-2011-0871) Note: The RHSA-2011:0490 java-1.4.2-ibm update did not, unlike the erratum text stated, provide a complete fix for the CVE-2011-0311 issue. All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain the IBM 1.4.2 SR13-FP10 Java release. All running instances of IBM Java must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 55854
    published 2011-08-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55854
    title RHEL 4 / 5 : java-1.4.2-ibm (RHSA-2011:1159)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-0860.NASL
    description Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the 'Oracle Java SE Critical Patch Update Advisory' page, listed in the References section. (CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863, CVE-2011-0864, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0873) All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide JDK and JRE 6 Update 26 and resolve these issues. All running instances of Sun Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 55014
    published 2011-06-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55014
    title RHEL 4 / 5 / 6 : java-1.6.0-sun (RHSA-2011:0860)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_JAVA-1_6_0-SUN-110608.NASL
    description Oracle Java 6 Update 26 fixes several security vulnerabilities. Please refer to Oracle's site for further information: http://www.oracle.com/technetwork/topics/security/javacpujun e2011-313339.html (CVE-2011-0862, CVE-2011-0873, CVE-2011-0815, CVE-2011-0817, CVE-2011-0863, CVE-2011-0864, CVE-2011-0802, CVE-2011-0814, CVE-2011-0871, CVE-2011-0786, CVE-2011-0788, CVE-2011-0866, CVE-2011-0868, CVE-2011-0872, CVE-2011-0867, CVE-2011-0869, CVE-2011-0865)
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 75542
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75542
    title openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2011:0633-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201111-02.NASL
    description The remote host is affected by the vulnerability described in GLSA-201111-02 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below and the associated Oracle Critical Patch Update Advisory for details. Impact : A remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 56724
    published 2011-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56724
    title GLSA-201111-02 : Oracle JRE/JDK: Multiple vulnerabilities (BEAST)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-1087.NASL
    description Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM 'Security alerts' page, listed in the References section. (CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0865, CVE-2011-0867, CVE-2011-0871, CVE-2011-0873) All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.5.0 SR12-FP5 Java release. All running instances of IBM Java must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 55667
    published 2011-07-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55667
    title RHEL 4 / 5 / 6 : java-1.5.0-ibm (RHSA-2011:1087)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_JAVA_10_5_UPDATE10.NASL
    description The remote Mac OS X host is running a version of Java for Mac OS X 10.5 that is missing Update 10, which updates the Java version to 1.6.0_26 / 1.5.0_30. As such, it is affected by several security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the privileges of the current user outside the Java sandbox.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 55458
    published 2011-06-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55458
    title Mac OS X : Java for Mac OS X 10.5 Update 10
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20110621_JAVA__JDK_1_6_0__ON_SL4_X.NASL
    description This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the 'Oracle Java SE Critical Patch Update Advisory' page (CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863, CVE-2011-0864, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0873) All running instances of Sun Java must be restarted for the update to take effect. NOTE: jdk-1.6.0_26-fcs.x86_64.rpm has not been signed. We cannot sign this package without breaking it.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61071
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61071
    title Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JAVA-1_6_0-SUN-110609.NASL
    description Oracle Java 6 Update 26 fixes several security vulnerabilities. Please refer to Oracle's site for further information: http://www.oracle.com/technetwork/topics/security/javacpujune2011-3133 39.html
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 55137
    published 2011-06-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55137
    title SuSE 11.1 Security Update : Sun/Oracle Java (SAT Patch Number 4698)
  • NASL family Misc.
    NASL id ORACLE_JAVA_CPU_JUN_2011_UNIX.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 6 Update 26 / 5.0 Update 30 / 1.4.2_32. Such versions are potentially affected by security issues in the following components : - AWT - Deployment - Deserialization - Hotspot - Java Runtime Environment - Networking - NIO - SAAJ - Sound - Swing
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 64845
    published 2013-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64845
    title Oracle Java SE Multiple Vulnerabilities (June 2011 CPU) (Unix)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_JAVA-1_4_2-IBM-7697.NASL
    description IBM Java 1.4.2 SR 13 Fixpack 10 has been released and fixes various bugs and security issues. The following security issues have been fixed : - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. (CVE-2011-0865) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. (CVE-2011-0866) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0802) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. (CVE-2011-0814) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. (CVE-2011-0815) - Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0862) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. (CVE-2011-0867) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. (CVE-2011-0871) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. (CVE-2011-0872)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 56006
    published 2011-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56006
    title SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7697)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2011-0013.NASL
    description a. ESX third-party update for Service Console openssl RPM The Service Console openssl RPM is updated to openssl-0.9.8e.12.el5_5.7 resolving two security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-7270 and CVE-2010-4180 to these issues. b. ESX third-party update for Service Console libuser RPM The Service Console libuser RPM is updated to version 0.54.7-2.1.el5_5.2 to resolve a security issue. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2011-0002 to this issue. c. ESX third-party update for Service Console nss and nspr RPMs The Service Console Network Security Services (NSS) and Netscape Portable Runtime (NSPR) libraries are updated to nspr-4.8.6-1 and nss-3.12.8-4 resolving multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3170 and CVE-2010-3173 to these issues. d. vCenter Server and ESX, Oracle (Sun) JRE update 1.6.0_24 Oracle (Sun) JRE is updated to version 1.6.0_24, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.6.0_24: CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4451, CVE-2010-4452, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4466, CVE-2010-4467, CVE-2010-4468, CVE-2010-4469, CVE-2010-4470, CVE-2010-4471, CVE-2010-4472, CVE-2010-4473, CVE-2010-4474, CVE-2010-4475 and CVE-2010-4476. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.6.0_22: CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3552, CVE-2010-3553, CVE-2010-3554, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557, CVE-2010-3558, CVE-2010-3559, CVE-2010-3560, CVE-2010-3561, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565, CVE-2010-3566, CVE-2010-3567, CVE-2010-3568, CVE-2010-3569, CVE-2010-3570, CVE-2010-3571, CVE-2010-3572, CVE-2010-3573 and CVE-2010-3574. e. vCenter Update Manager Oracle (Sun) JRE update 1.5.0_30 Oracle (Sun) JRE is updated to version 1.5.0_30, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_30: CVE-2011-0862, CVE-2011-0873, CVE-2011-0815, CVE-2011-0864, CVE-2011-0802, CVE-2011-0814, CVE-2011-0871, CVE-2011-0867 and CVE-2011-0865. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_28: CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4454, CVE-2010-4462, CVE-2010-4465, CVE-2010-4466, CVE-2010-4468, CVE-2010-4469, CVE-2010-4473, CVE-2010-4475, CVE-2010-4476. f. Integer overflow in VMware third-party component sfcb This release resolves an integer overflow issue present in the third-party library SFCB when the httpMaxContentLength has been changed from its default value to 0 in in /etc/sfcb/sfcb.cfg. The integer overflow could allow remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a large integer in the Content-Length HTTP header. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-2054 to this issue.
    last seen 2019-02-21
    modified 2018-09-06
    plugin id 56665
    published 2011-10-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56665
    title VMSA-2011-0013 : VMware third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JAVA-1_6_0-IBM-110713.NASL
    description IBM Java 1.6.0 SR9-FP2 fixes several of bugs and thew following security issues : - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. (CVE-2011-0865) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. (CVE-2011-0866) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0788. (CVE-2011-0786) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0788) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0802) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. (CVE-2011-0814) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. (CVE-2011-0815) - Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0862) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. (CVE-2011-0867) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ. (CVE-2011-0869) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (CVE-2011-0817) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. (CVE-2011-0863) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. (CVE-2011-0868) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. (CVE-2011-0871) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. (CVE-2011-0872) - An unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0873)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 55619
    published 2011-07-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55619
    title SuSE 11.1 Security Update : IBM Java (SAT Patch Number 4875)
  • NASL family Misc.
    NASL id VMWARE_VMSA-2011-0013_REMOTE.NASL
    description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party components and libraries : - Java Runtime Environment (JRE) - libuser - Netscape Portable Runtime (NSPR) - Network Security Services (NSS) - OpenSSL
    last seen 2019-02-21
    modified 2018-08-16
    plugin id 89681
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89681
    title VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0013) (remote check)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_JAVA-1_4_2-IBM-7698.NASL
    description IBM Java 1.4.2 SR 13 Fixpack 10 has been released and fixes various bugs and security issues. The following security issues have been fixed : - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. (CVE-2011-0865) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. (CVE-2011-0866) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0802) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. (CVE-2011-0814) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. (CVE-2011-0815) - Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0862) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. (CVE-2011-0867) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. (CVE-2011-0871) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. (CVE-2011-0872)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 57205
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57205
    title SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7698)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_JAVA_10_6_UPDATE5.NASL
    description The remote Mac OS X host is running a version of Java for Mac OS X 10.6 that is missing Update 5, which updates the Java version to 1.6.0_26. As such, it is affected by several security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the privileges of the current user outside the Java sandbox.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 55459
    published 2011-06-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55459
    title Mac OS X : Java for Mac OS X 10.6 Update 5
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JAVA-1_4_2-IBM-110818.NASL
    description IBM Java 1.4.2 SR 13 Fixpack 10 has been released and fixes various bugs and security issues. The following security issues have been fixed : - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. (CVE-2011-0865) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. (CVE-2011-0866) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0802) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. (CVE-2011-0814) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. (CVE-2011-0815) - Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0862) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. (CVE-2011-0867) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. (CVE-2011-0871) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. (CVE-2011-0872)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 56004
    published 2011-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56004
    title SuSE 11.1 Security Update : IBM Java (SAT Patch Number 5014)
  • NASL family Windows
    NASL id ORACLE_JAVA_CPU_JUN_2011.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 6 Update 26 / 5.0 Update 30 / 1.4.2_32. Such versions are potentially affected by security issues in the following components : - AWT - Deployment - Deserialization - Hotspot - Java Runtime Environment - Networking - NIO - SAAJ - Sound - Swing
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 54997
    published 2011-06-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=54997
    title Oracle Java SE Multiple Vulnerabilities (June 2011 CPU)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12810.NASL
    description IBM Java 1.5.0 SR12 FP5 has been released fixing bugs and security issues. The following security issues were fixed : - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. (CVE-2011-0865) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. (CVE-2011-0866) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0802) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. (CVE-2011-0814) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. (CVE-2011-0815) - Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0862) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. (CVE-2011-0867) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. (CVE-2011-0871) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. (CVE-2011-0872) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0873)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 55768
    published 2011-08-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55768
    title SuSE9 Security Update : IBM Java5 JRE and SDK (YOU Patch Number 12810)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_JAVA-1_5_0-IBM-7649.NASL
    description IBM Java 1.5.0 SR12 FP5 has been released fixing bugs and security issues. The following security issues were fixed : - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. (CVE-2011-0865) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Java Runtime Environment. (CVE-2011-0866) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. (CVE-2011-0802) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. (CVE-2011-0814) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. (CVE-2011-0815) - Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0862) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. (CVE-2011-0867) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. (CVE-2011-0871) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. (CVE-2011-0872) - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2011-0873)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 55757
    published 2011-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55757
    title SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7649)
oval via4
  • accepted 2015-03-23T04:00:41.683-04:00
    class vulnerability
    contributors
    • name Scott Quint
      organization DTCC
    • name Dragos Prisaca
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    • comment Java SE Development Kit 5 is installed
      oval oval:org.mitre.oval:def:16292
    • comment Java SE Runtime Environment 6 is installed
      oval oval:org.mitre.oval:def:16362
    • comment Java SE Runtime Environment 5 is installed
      oval oval:org.mitre.oval:def:15748
    • comment Java SE Development Kit 6 is installed
      oval oval:org.mitre.oval:def:15831
    description Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0814.
    family windows
    id oval:org.mitre.oval:def:14477
    status accepted
    submitted 2011-11-25T18:04:31.000-05:00
    title Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0814.
    version 11
  • accepted 2015-04-20T04:00:38.836-04:00
    class vulnerability
    contributors
    • name Yamini Mohan R
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Prashant Kumar
      organization Hewlett-Packard
    • name Mike Cokus
      organization The MITRE Corporation
    description Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0814.
    family unix
    id oval:org.mitre.oval:def:14480
    status accepted
    submitted 2012-01-30T11:27:25.000-05:00
    title HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
    version 44
redhat via4
advisories
  • rhsa
    id RHSA-2011:0860
  • rhsa
    id RHSA-2011:0938
  • rhsa
    id RHSA-2011:1087
  • rhsa
    id RHSA-2011:1159
  • rhsa
    id RHSA-2011:1265
  • rhsa
    id RHSA-2013:1455
refmap via4
cert TA11-201A
confirm
hp
  • HPSBMU02797
  • HPSBMU02799
  • HPSBUX02697
  • HPSBUX02777
  • SSRT100591
  • SSRT100854
  • SSRT100867
secunia
  • 44818
  • 44930
  • 49198
suse
  • SUSE-SA:2011:030
  • SUSE-SA:2011:032
  • SUSE-SA:2011:036
  • SUSE-SU-2011:0807
  • SUSE-SU-2011:0863
  • SUSE-SU-2011:0966
  • openSUSE-SU-2011:0633
Last major update 22-08-2016 - 22:03
Published 14-06-2011 - 14:55
Last modified 30-10-2018 - 12:26
Back to Top