ID CVE-2011-3516
Summary Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
References
Vulnerable Configurations
  • cpe:2.3:a:sun:jdk:1.6.0:update_25
    cpe:2.3:a:sun:jdk:1.6.0:update_25
  • cpe:2.3:a:sun:jdk:1.6.0:update_26
    cpe:2.3:a:sun:jdk:1.6.0:update_26
  • cpe:2.3:a:sun:jdk:1.6.0:update_27
    cpe:2.3:a:sun:jdk:1.6.0:update_27
  • cpe:2.3:a:sun:jre:1.6.0:update_25
    cpe:2.3:a:sun:jre:1.6.0:update_25
  • cpe:2.3:a:sun:jre:1.6.0:update_26
    cpe:2.3:a:sun:jre:1.6.0:update_26
  • cpe:2.3:a:sun:jre:1.6.0:update_27
    cpe:2.3:a:sun:jre:1.6.0:update_27
  • Microsoft Windows
    cpe:2.3:o:microsoft:windows
  • Sun JDK 1.6.0
    cpe:2.3:a:sun:jdk:1.6.0
  • Sun JDK 6 Update 1
    cpe:2.3:a:sun:jdk:1.6.0:update1
  • Sun JDK 6 Update 2
    cpe:2.3:a:sun:jdk:1.6.0:update2
  • Sun JDK 1.6.0 Update 10
    cpe:2.3:a:sun:jdk:1.6.0:update_10
  • Sun JDK 1.6.0 Update 11
    cpe:2.3:a:sun:jdk:1.6.0:update_11
  • Sun JDK 1.6.0 Update 12
    cpe:2.3:a:sun:jdk:1.6.0:update_12
  • Sun JDK 1.6.0 Update 13
    cpe:2.3:a:sun:jdk:1.6.0:update_13
  • Sun JDK 1.6.0 Update 14
    cpe:2.3:a:sun:jdk:1.6.0:update_14
  • Sun JDK 1.6.0 Update 15
    cpe:2.3:a:sun:jdk:1.6.0:update_15
  • Sun JDK 1.6.0 Update 16
    cpe:2.3:a:sun:jdk:1.6.0:update_16
  • Sun JDK 1.6.0 Update 17
    cpe:2.3:a:sun:jdk:1.6.0:update_17
  • Sun JDK 1.6.0 Update 18
    cpe:2.3:a:sun:jdk:1.6.0:update_18
  • Sun JDK 1.6.0 Update 19
    cpe:2.3:a:sun:jdk:1.6.0:update_19
  • Sun JDK 1.6.0 Update 20
    cpe:2.3:a:sun:jdk:1.6.0:update_20
  • Sun JDK 1.6.0 Update 21
    cpe:2.3:a:sun:jdk:1.6.0:update_21
  • cpe:2.3:a:sun:jdk:1.6.0:update_22
    cpe:2.3:a:sun:jdk:1.6.0:update_22
  • cpe:2.3:a:sun:jdk:1.6.0:update_23
    cpe:2.3:a:sun:jdk:1.6.0:update_23
  • cpe:2.3:a:sun:jdk:1.6.0:update_24
    cpe:2.3:a:sun:jdk:1.6.0:update_24
  • Sun JDK 1.6.0 Update 3
    cpe:2.3:a:sun:jdk:1.6.0:update_3
  • Sun JDK 1.6.0 Update 4
    cpe:2.3:a:sun:jdk:1.6.0:update_4
  • Sun JDK 1.6.0 Update 5
    cpe:2.3:a:sun:jdk:1.6.0:update_5
  • Sun JDK 1.6.0 Update 6
    cpe:2.3:a:sun:jdk:1.6.0:update_6
  • Sun JDK 1.6.0 Update 7
    cpe:2.3:a:sun:jdk:1.6.0:update_7
  • Sun JRE 1.6.0
    cpe:2.3:a:sun:jre:1.6.0
  • Sun JRE 1.6.0 Update 1
    cpe:2.3:a:sun:jre:1.6.0:update_1
  • Sun JRE 1.6.0 Update 10
    cpe:2.3:a:sun:jre:1.6.0:update_10
  • Sun JRE 1.6.0 Update 11
    cpe:2.3:a:sun:jre:1.6.0:update_11
  • Sun JRE 1.6.0 Update 12
    cpe:2.3:a:sun:jre:1.6.0:update_12
  • Sun JRE 1.6.0 Update 13
    cpe:2.3:a:sun:jre:1.6.0:update_13
  • Sun JRE 1.6.0 Update 14
    cpe:2.3:a:sun:jre:1.6.0:update_14
  • Sun JRE 1.6.0 Update 15
    cpe:2.3:a:sun:jre:1.6.0:update_15
  • Sun JRE 1.6.0 Update 16
    cpe:2.3:a:sun:jre:1.6.0:update_16
  • Sun JRE 1.6.0 Update 17
    cpe:2.3:a:sun:jre:1.6.0:update_17
  • Sun JRE 1.6.0 Update 18
    cpe:2.3:a:sun:jre:1.6.0:update_18
  • Sun JRE 1.6.0 Update 19
    cpe:2.3:a:sun:jre:1.6.0:update_19
  • Sun JRE 1.6.0 Update 2
    cpe:2.3:a:sun:jre:1.6.0:update_2
  • Sun JRE 1.6.0 Update 20
    cpe:2.3:a:sun:jre:1.6.0:update_20
  • Sun JRE 1.6.0 Update 21
    cpe:2.3:a:sun:jre:1.6.0:update_21
  • cpe:2.3:a:sun:jre:1.6.0:update_22
    cpe:2.3:a:sun:jre:1.6.0:update_22
  • cpe:2.3:a:sun:jre:1.6.0:update_23
    cpe:2.3:a:sun:jre:1.6.0:update_23
  • cpe:2.3:a:sun:jre:1.6.0:update_24
    cpe:2.3:a:sun:jre:1.6.0:update_24
  • Sun JRE 1.6.0 Update 3
    cpe:2.3:a:sun:jre:1.6.0:update_3
  • Sun JRE 1.6.0 Update 4
    cpe:2.3:a:sun:jre:1.6.0:update_4
  • Sun JRE 1.6.0 Update 5
    cpe:2.3:a:sun:jre:1.6.0:update_5
  • Sun JRE 1.6.0 Update 6
    cpe:2.3:a:sun:jre:1.6.0:update_6
  • Sun JRE 1.6.0 Update 7
    cpe:2.3:a:sun:jre:1.6.0:update_7
CVSS
Base: 7.6 (as of 20-10-2011 - 08:46)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20111019_JAVA_1_6_0_SUN_ON_SL5_X.NASL
    description The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. (CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3555, CVE-2011-3556, CVE-2011-3557, CVE-2011-3558, CVE-2011-3560, CVE-2011-3561) All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide JDK and JRE 6 Update 29 and resolve these issues. All running instances of Sun Java must be restarted for the update to take effect.
    last seen 2018-09-01
    modified 2017-06-05
    plugin id 61158
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61158
    title Scientific Linux Security Update : java-1.6.0-sun on SL5.x i386/x86_64 (BEAST)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_JAVA-1_6_0-IBM-7926.NASL
    description IBM Java 1.6.0 SR10 has been released fixing the following CVE's : - CVE-2011-3389 - CVE-2011-3516 - CVE-2011-3521 - CVE-2011-3544 - CVE-2011-3545 - CVE-2011-3546 - CVE-2011-3547 - CVE-2011-3548 - CVE-2011-3549 - CVE-2011-3550 - CVE-2011-3551 - CVE-2011-3552 - CVE-2011-3553 - CVE-2011-3554 - CVE-2011-3556 - CVE-2011-3557 - CVE-2011-3560 - CVE-2011-3561
    last seen 2018-09-01
    modified 2017-06-05
    plugin id 57658
    published 2012-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57658
    title SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7926)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_4_JAVA-1_6_0-SUN-111024.NASL
    description Oracle/Sun Java 1.6.0 was updated to the u26 release, fixing lots of bugs and security issues. Please see http://www.oracle.com/technetwork/topics/security/javacpuoct2011-44343 1.html for more details.
    last seen 2018-09-02
    modified 2017-06-05
    plugin id 75874
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75874
    title openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-5320) (BEAST)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_JAVA-1_6_0-SUN-111024.NASL
    description Oracle/Sun Java 1.6.0 was updated to the u26 release, fixing lots of bugs and security issues. Please see http://www.oracle.com/technetwork/topics/security/javacpuoct2011-44343 1.html for more details.
    last seen 2018-09-02
    modified 2017-06-05
    plugin id 75543
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75543
    title openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-5320) (BEAST)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_4_JAVA-1_6_0-OPENJDK-111025.NASL
    description Oracle/Sun OpenJDK 1.6.0 was updated to the 1.10.4release, fixing lots of bugs and security issues. Please see http://www.oracle.com/technetwork/topics/security/javacpuoct2011-44343 1.html for more details.
    last seen 2018-09-01
    modified 2017-06-05
    plugin id 75870
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75870
    title openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-5329) (BEAST)
  • NASL family Misc.
    NASL id ORACLE_JAVA_CPU_OCT_2011_UNIX.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 1 / 6 Update 29 / 5.0 Update 32 / 1.4.2_34. As such, it is potentially affected by security issues in the following components : - 2D - AWT - Deployment - Deserialization - Hotspot - Java Runtime Environment - JAXWS - JSSE - Networking - RMI - Scripting - Sound - Swing
    last seen 2018-11-17
    modified 2018-11-15
    plugin id 64846
    published 2013-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64846
    title Oracle Java SE Multiple Vulnerabilities (October 2011 CPU) (BEAST) (Unix)
  • NASL family Windows
    NASL id ORACLE_JAVA_CPU_OCT_2011.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 1 / 6 Update 29 / 5.0 Update 32 / 1.4.2_34 and is potentially affected by security issues in the following components : - 2D - AWT - Deployment - Deserialization - Hotspot - Java Runtime Environment - JAXWS - JSSE - Networking - RMI - Scripting - Sound - Swing
    last seen 2018-11-17
    modified 2018-11-15
    plugin id 56566
    published 2011-10-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56566
    title Oracle Java SE Multiple Vulnerabilities (October 2011 CPU) (BEAST)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201111-02.NASL
    description The remote host is affected by the vulnerability described in GLSA-201111-02 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below and the associated Oracle Critical Patch Update Advisory for details. Impact : A remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen 2018-09-01
    modified 2018-07-11
    plugin id 56724
    published 2011-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56724
    title GLSA-201111-02 : Oracle JRE/JDK: Multiple vulnerabilities (BEAST)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_JAVA-1_6_0-OPENJDK-111025.NASL
    description Oracle/Sun OpenJDK 1.6.0 was updated to the 1.10.4release, fixing lots of bugs and security issues. Please see http://www.oracle.com/technetwork/topics/security/javacpuoct2011-44343 1.html for more details.
    last seen 2018-09-01
    modified 2017-06-05
    plugin id 75539
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75539
    title openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-5329) (BEAST)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JAVA-1_6_0-IBM-120223.NASL
    description IBM Java 1.6.0 SR10 has been released fixing the following CVE's/security Issues : - CVE-2011-3389 - CVE-2011-3516 - CVE-2011-3521 - CVE-2011-3544 - CVE-2011-3545 - CVE-2011-3546 - CVE-2011-3547 - CVE-2011-3548 - CVE-2011-3549 - CVE-2011-3550 - CVE-2011-3551 - CVE-2011-3552 - CVE-2011-3553 - CVE-2011-3554 - CVE-2011-3556 - CVE-2011-3557 - CVE-2011-3560 - CVE-2011-3561
    last seen 2018-09-01
    modified 2017-06-05
    plugin id 58164
    published 2012-02-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=58164
    title SuSE 11.1 Security Update : IBM Java 1.6.0 (SAT Patch Number 5872)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2012-0003.NASL
    description a. VirtualCenter and ESX, Oracle (Sun) JRE update 1.5.0_32 Oracle (Sun) JRE is updated to version 1.5.0_32, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. Oracle has documented the CVE identifiers that are addressed in JRE 1.5.0_32 in the Oracle Java SE Critical Patch Update Advisory of October 2011.
    last seen 2018-09-01
    modified 2018-08-06
    plugin id 58302
    published 2012-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=58302
    title VMSA-2012-0003 : VMware VirtualCenter Update and ESX 3.5 patch update JRE
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-0034.NASL
    description Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The IBM Java SE version 6 release includes the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM 'Security alerts' page, listed in the References section. (CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560, CVE-2011-3561) All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java 6 SR10 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen 2018-11-27
    modified 2018-11-26
    plugin id 57595
    published 2012-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57595
    title RHEL 4 / 5 / 6 : java-1.6.0-ibm (RHSA-2012:0034) (BEAST)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-1384.NASL
    description Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. (CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3555, CVE-2011-3556, CVE-2011-3557, CVE-2011-3558, CVE-2011-3560, CVE-2011-3561) All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide JDK and JRE 6 Update 29 and resolve these issues. All running instances of Sun Java must be restarted for the update to take effect.
    last seen 2018-11-27
    modified 2018-11-26
    plugin id 56560
    published 2011-10-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56560
    title RHEL 4 / 5 / 6 : java-1.6.0-sun (RHSA-2011:1384) (BEAST)
  • NASL family Misc.
    NASL id VMWARE_VMSA-2012-0005_REMOTE.NASL
    description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in the following components : - Apache Tomcat - bzip2 library - JRE - WDDM display driver - XPDM display driver
    last seen 2018-09-07
    modified 2018-09-06
    plugin id 89106
    published 2016-03-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89106
    title VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0005) (BEAST) (remote check)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1455.NASL
    description Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Network Satellite Server 5.4. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.4. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment. (CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0873, CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560, CVE-2011-3561, CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507, CVE-2012-0547, CVE-2012-0551, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1541, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-3143, CVE-2012-3159, CVE-2012-3213, CVE-2012-3216, CVE-2012-3342, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089, CVE-2013-0169, CVE-2013-0351, CVE-2013-0401, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1487, CVE-2013-1491, CVE-2013-1493, CVE-2013-1500, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2407, CVE-2013-2412, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2435, CVE-2013-2437, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743) Users of Red Hat Network Satellite Server 5.4 are advised to upgrade to these updated packages, which contain the IBM Java SE 6 SR14 release. For this update to take effect, Red Hat Network Satellite Server must be restarted ('/usr/sbin/rhn-satellite restart'), as well as all running instances of IBM Java.
    last seen 2018-11-27
    modified 2018-11-26
    plugin id 78975
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78975
    title RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1455) (BEAST) (ROBOT)
oval via4
accepted 2014-08-18T04:00:57.335-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization DTCC
  • name Dragos Prisaca
    organization G2, Inc.
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Java SE Runtime Environment 6 is installed
    oval oval:org.mitre.oval:def:16362
  • comment Java SE Development Kit 6 is installed
    oval oval:org.mitre.oval:def:15831
description Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
family windows
id oval:org.mitre.oval:def:14273
status accepted
submitted 2011-11-25T18:04:48.000-05:00
title Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
version 8
redhat via4
advisories
  • rhsa
    id RHSA-2011:1384
  • rhsa
    id RHSA-2013:1455
refmap via4
bid 50229
confirm
hp
  • HPSBMU02797
  • HPSBMU02799
  • HPSBUX02730
  • SSRT100710
  • SSRT100867
sectrack 1026215
secunia 48308
suse SUSE-SU-2012:0114
xf oracle-jre-deployment-unspec(70851)
vmware via4
  • description Oracle (Sun) JRE is updated to version 1.6.0_30which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE.
    id VMSA-2012-0005
    last_updated 2012-12-20T00:00:00
    published 2012-03-15T00:00:00
    title vCenter Update ManagerOracle (Sun) JRE update 1.6.0_30
  • description Oracle (Sun) JRE is updated to version 1.5.0_32which addresses multiple security issues that existed in earlier releases of Oracle(Sun) JRE
    id VMSA-2012-0003
    last_updated 2012-09-13T00:00:00
    published 2012-03-08T00:00:00
    title VirtualCenter and ESXOracle (Sun) JRE update 1.5.0_32
Last major update 22-08-2016 - 22:04
Published 19-10-2011 - 17:55
Last modified 05-01-2018 - 21:29
Back to Top